@farazirfan/costar-server-executor 1.7.54 → 1.7.56

package/dist/db/local-database.js

@@ -0,0 +1,419 @@
+/**
+ * Local SQLite Database — Activity, Assets, Projects
+ * Replaces Supabase for structured data. Runs on each sandbox.
+ * Part of Phase 4: Direct Client → Sandbox Architecture.
+ *
+ * Uses better-sqlite3 for synchronous, fast queries.
+ * Vector search via sqlite-vec for embeddings.
+ */
+import path from "node:path";
+import fs from "node:fs";
+import { resolveCoStarDir } from "../cli/paths.js";
+let db = null;
+/**
+ * Get the database file path.
+ */
+function getDbPath() {
+    return path.join(resolveCoStarDir(), "costar.db");
+}
+/**
+ * Generate a random hex ID (UUID-like, 32 chars).
+ */
+function generateId() {
+    const bytes = new Uint8Array(16);
+    crypto.getRandomValues(bytes);
+    return Array.from(bytes)
+        .map((b) => b.toString(16).padStart(2, "0"))
+        .join("");
+}
+/**
+ * Initialize the database. Creates tables if they don't exist.
+ */
+export async function initDatabase() {
+    if (db)
+        return;
+    const dbPath = getDbPath();
+    const dir = path.dirname(dbPath);
+    if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+    }
+    try {
+        // Dynamic import — better-sqlite3 is a native module (optional dep)
+        // eslint-disable-next-line @typescript-eslint/no-var-requires
+        const moduleName = "better-sqlite3";
+        const BetterSqlite3 = (await import(/* webpackIgnore: true */ moduleName)).default;
+        db = new BetterSqlite3(dbPath);
+        // Enable WAL mode for better concurrency
+        db.pragma("journal_mode = WAL");
+        // Create tables
+        db.exec(`
+      CREATE TABLE IF NOT EXISTS agent_activity (
+        id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+        user_id TEXT NOT NULL,
+        request TEXT,
+        response TEXT,
+        status TEXT DEFAULT 'pending',
+        executor TEXT DEFAULT 'server',
+        source TEXT,
+        tool_calls INTEGER DEFAULT 0,
+        duration INTEGER,
+        error TEXT,
+        keywords TEXT,
+        categories TEXT,
+        sandbox_id TEXT,
+        created_at TEXT DEFAULT (datetime('now')),
+        updated_at TEXT DEFAULT (datetime('now'))
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_activity_user_id ON agent_activity(user_id);
+      CREATE INDEX IF NOT EXISTS idx_activity_status ON agent_activity(status);
+      CREATE INDEX IF NOT EXISTS idx_activity_created_at ON agent_activity(created_at);
+      CREATE INDEX IF NOT EXISTS idx_activity_executor ON agent_activity(executor);
+
+      CREATE TABLE IF NOT EXISTS assets (
+        id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+        user_id TEXT NOT NULL,
+        name TEXT,
+        type TEXT,
+        local_file_path TEXT,
+        remote_url TEXT UNIQUE,
+        description TEXT,
+        sandbox_id TEXT,
+        created_at TEXT DEFAULT (datetime('now')),
+        updated_at TEXT DEFAULT (datetime('now'))
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_assets_user_id ON assets(user_id);
+
+      CREATE TABLE IF NOT EXISTS projects (
+        id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+        user_id TEXT NOT NULL,
+        name TEXT,
+        description TEXT,
+        sandbox_id TEXT,
+        project_path TEXT,
+        convo_summary TEXT,
+        is_active INTEGER DEFAULT 0,
+        created_at TEXT DEFAULT (datetime('now')),
+        updated_at TEXT DEFAULT (datetime('now'))
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_projects_user_id ON projects(user_id);
+
+      CREATE TABLE IF NOT EXISTS request_assets (
+        id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+        request_id TEXT REFERENCES agent_activity(id),
+        asset_id TEXT REFERENCES assets(id),
+        action TEXT,
+        created_at TEXT DEFAULT (datetime('now'))
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_req_assets_request ON request_assets(request_id);
+      CREATE INDEX IF NOT EXISTS idx_req_assets_asset ON request_assets(asset_id);
+
+      CREATE TABLE IF NOT EXISTS request_projects (
+        id TEXT PRIMARY KEY DEFAULT (lower(hex(randomblob(16)))),
+        request_id TEXT REFERENCES agent_activity(id),
+        project_id TEXT REFERENCES projects(id),
+        action TEXT,
+        created_at TEXT DEFAULT (datetime('now'))
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_req_projects_request ON request_projects(request_id);
+      CREATE INDEX IF NOT EXISTS idx_req_projects_project ON request_projects(project_id);
+    `);
+        // Try to load sqlite-vec for vector search (optional — graceful fallback)
+        try {
+            const vecModuleName = "sqlite-vec";
+            const sqliteVec = await import(/* webpackIgnore: true */ vecModuleName);
+            sqliteVec.load(db);
+            db.exec(`
+        CREATE VIRTUAL TABLE IF NOT EXISTS activity_embeddings USING vec0(
+          activity_id TEXT PRIMARY KEY,
+          embedding FLOAT[1536]
+        );
+      `);
+            console.log("[DB] sqlite-vec loaded — vector search enabled");
+        }
+        catch {
+            console.log("[DB] sqlite-vec not available — vector search disabled (keyword search only)");
+        }
+        console.log(`[DB] Database initialized at ${dbPath}`);
+    }
+    catch (error) {
+        console.error("[DB] Failed to initialize database:", error);
+        throw error;
+    }
+}
+/**
+ * Get the database instance. Throws if not initialized.
+ */
+function getDb() {
+    if (!db)
+        throw new Error("Database not initialized. Call initDatabase() first.");
+    return db;
+}
+/**
+ * Close the database connection.
+ */
+export function closeDatabase() {
+    if (db) {
+        db.close();
+        db = null;
+        console.log("[DB] Database closed");
+    }
+}
+export function createActivity(params) {
+    const d = getDb();
+    const id = generateId();
+    const now = new Date().toISOString();
+    d.prepare(`
+    INSERT INTO agent_activity (id, user_id, request, executor, source, sandbox_id, status, created_at, updated_at)
+    VALUES (?, ?, ?, ?, ?, ?, 'pending', ?, ?)
+  `).run(id, params.userId, params.request, params.executor, params.source ?? null, params.sandboxId ?? null, now, now);
+    // Store embedding if provided
+    if (params.embedding && params.embedding.length === 1536) {
+        try {
+            d.prepare(`INSERT INTO activity_embeddings (activity_id, embedding) VALUES (?, ?)`).run(id, new Float32Array(params.embedding).buffer);
+        }
+        catch {
+            // sqlite-vec not loaded — silently skip
+        }
+    }
+    return d.prepare(`SELECT * FROM agent_activity WHERE id = ?`).get(id);
+}
+export function completeActivity(params) {
+    const d = getDb();
+    const now = new Date().toISOString();
+    const fields = ["response = ?", "status = 'completed'", "updated_at = ?"];
+    const values = [params.response, now];
+    if (params.request !== undefined) {
+        fields.push("request = ?");
+        values.push(params.request);
+    }
+    if (params.toolCalls !== undefined) {
+        fields.push("tool_calls = ?");
+        values.push(params.toolCalls);
+    }
+    if (params.duration !== undefined) {
+        fields.push("duration = ?");
+        values.push(params.duration);
+    }
+    if (params.keywords !== undefined) {
+        fields.push("keywords = ?");
+        values.push(params.keywords);
+    }
+    if (params.categories !== undefined) {
+        fields.push("categories = ?");
+        values.push(JSON.stringify(params.categories));
+    }
+    values.push(params.activityId);
+    d.prepare(`UPDATE agent_activity SET ${fields.join(", ")} WHERE id = ?`).run(...values);
+    // Update embedding if provided
+    if (params.embedding && params.embedding.length === 1536) {
+        try {
+            d.prepare(`INSERT OR REPLACE INTO activity_embeddings (activity_id, embedding) VALUES (?, ?)`).run(params.activityId, new Float32Array(params.embedding).buffer);
+        }
+        catch {
+            // sqlite-vec not loaded
+        }
+    }
+    return d.prepare(`SELECT * FROM agent_activity WHERE id = ?`).get(params.activityId);
+}
+export function failActivity(params) {
+    const d = getDb();
+    const now = new Date().toISOString();
+    d.prepare(`
+    UPDATE agent_activity SET status = 'failed', error = ?, duration = ?, updated_at = ? WHERE id = ?
+  `).run(params.error, params.duration ?? null, now, params.activityId);
+    return d.prepare(`SELECT * FROM agent_activity WHERE id = ?`).get(params.activityId);
+}
+export function getActivityById(activityId) {
+    const d = getDb();
+    return d.prepare(`SELECT * FROM agent_activity WHERE id = ?`).get(activityId) ?? null;
+}
+export function getRecentActivity(userId, limit = 50) {
+    const d = getDb();
+    return d.prepare(`
+    SELECT * FROM agent_activity WHERE user_id = ? ORDER BY created_at DESC LIMIT ?
+  `).all(userId, limit);
+}
+export function getActivityByStatus(userId, status, limit = 50) {
+    const d = getDb();
+    return d.prepare(`
+    SELECT * FROM agent_activity WHERE user_id = ? AND status = ? ORDER BY created_at DESC LIMIT ?
+  `).all(userId, status, limit);
+}
+export function getNewClientActivitySince(userId, afterTimestamp, limit = 30) {
+    const d = getDb();
+    if (afterTimestamp) {
+        return d.prepare(`
+      SELECT * FROM agent_activity
+      WHERE user_id = ? AND status = 'completed' AND executor = 'client' AND created_at > ?
+      ORDER BY created_at ASC LIMIT ?
+    `).all(userId, afterTimestamp, limit);
+    }
+    return d.prepare(`
+    SELECT * FROM agent_activity
+    WHERE user_id = ? AND status = 'completed' AND executor = 'client'
+    ORDER BY created_at ASC LIMIT ?
+  `).all(userId, limit);
+}
+export function searchActivityByKeywords(userId, query, limit = 10) {
+    const d = getDb();
+    const pattern = `%${query}%`;
+    return d.prepare(`
+    SELECT * FROM agent_activity
+    WHERE user_id = ? AND status = 'completed'
+      AND (request LIKE ? OR response LIKE ? OR keywords LIKE ?)
+    ORDER BY created_at DESC LIMIT ?
+  `).all(userId, pattern, pattern, pattern, limit);
+}
+/**
+ * Semantic vector search via sqlite-vec.
+ * Falls back to empty results if sqlite-vec not loaded.
+ */
+export function searchActivityByEmbedding(embedding, userId, limit = 10, threshold = 0.7) {
+    const d = getDb();
+    try {
+        // sqlite-vec KNN search
+        const embeddingBuf = new Float32Array(embedding).buffer;
+        const rows = d.prepare(`
+      SELECT ae.activity_id, distance
+      FROM activity_embeddings ae
+      WHERE embedding MATCH ? AND k = ?
+      ORDER BY distance ASC
+    `).all(embeddingBuf, limit * 2);
+        // Convert distance to similarity (cosine distance → similarity)
+        const results = [];
+        for (const row of rows) {
+            const similarity = 1 - row.distance;
+            if (similarity < threshold)
+                continue;
+            const activity = d.prepare(`
+        SELECT * FROM agent_activity WHERE id = ? AND user_id = ?
+      `).get(row.activity_id, userId);
+            if (activity) {
+                results.push({ ...activity, similarity });
+            }
+        }
+        return results.slice(0, limit);
+    }
+    catch {
+        // sqlite-vec not loaded
+        return [];
+    }
+}
+export function getActivityStats(userId) {
+    const d = getDb();
+    const rows = d.prepare(`
+    SELECT status, duration, tool_calls FROM agent_activity WHERE user_id = ?
+  `).all(userId);
+    let total = 0, pending = 0, completed = 0, failed = 0;
+    let totalDuration = 0, durationCount = 0;
+    let totalToolCalls = 0, toolCallsCount = 0;
+    for (const row of rows) {
+        total++;
+        if (row.status === "pending")
+            pending++;
+        if (row.status === "completed")
+            completed++;
+        if (row.status === "failed")
+            failed++;
+        if (row.duration !== null) {
+            totalDuration += row.duration;
+            durationCount++;
+        }
+        if (row.tool_calls !== null) {
+            totalToolCalls += row.tool_calls;
+            toolCallsCount++;
+        }
+    }
+    return {
+        total,
+        pending,
+        completed,
+        failed,
+        avgDuration: durationCount > 0 ? Math.round(totalDuration / durationCount) : undefined,
+        avgToolCalls: toolCallsCount > 0 ? Math.round((totalToolCalls / toolCallsCount) * 10) / 10 : undefined,
+    };
+}
+export function upsertAsset(params) {
+    const d = getDb();
+    const now = new Date().toISOString();
+    // Try to find existing asset by remote_url (unique constraint)
+    if (params.remoteUrl) {
+        const existing = d.prepare(`SELECT * FROM assets WHERE remote_url = ?`).get(params.remoteUrl);
+        if (existing) {
+            d.prepare(`
+        UPDATE assets SET name = ?, type = ?, local_file_path = ?, description = ?, updated_at = ?
+        WHERE id = ?
+      `).run(params.name ?? existing.name, params.type ?? existing.type, params.localFilePath ?? existing.local_file_path, params.description ?? existing.description, now, existing.id);
+            return d.prepare(`SELECT * FROM assets WHERE id = ?`).get(existing.id);
+        }
+    }
+    const id = generateId();
+    d.prepare(`
+    INSERT INTO assets (id, user_id, name, type, local_file_path, remote_url, description, sandbox_id, created_at, updated_at)
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+  `).run(id, params.userId, params.name ?? null, params.type ?? null, params.localFilePath ?? null, params.remoteUrl ?? null, params.description ?? null, params.sandboxId ?? null, now, now);
+    return d.prepare(`SELECT * FROM assets WHERE id = ?`).get(id);
+}
+export function getAssets(userId, limit = 100) {
+    const d = getDb();
+    return d.prepare(`
+    SELECT * FROM assets WHERE user_id = ? ORDER BY created_at DESC LIMIT ?
+  `).all(userId, limit);
+}
+export function getAssetById(assetId) {
+    const d = getDb();
+    return d.prepare(`SELECT * FROM assets WHERE id = ?`).get(assetId) ?? null;
+}
+export function linkAssetToActivity(params) {
+    const d = getDb();
+    const id = generateId();
+    d.prepare(`
+    INSERT INTO request_assets (id, request_id, asset_id, action, created_at)
+    VALUES (?, ?, ?, ?, ?)
+  `).run(id, params.requestId, params.assetId, params.action ?? null, new Date().toISOString());
+}
+export function upsertProject(params) {
+    const d = getDb();
+    const now = new Date().toISOString();
+    // Update existing if ID provided
+    if (params.id) {
+        const existing = d.prepare(`SELECT * FROM projects WHERE id = ?`).get(params.id);
+        if (existing) {
+            d.prepare(`
+        UPDATE projects SET name = ?, description = ?, project_path = ?, convo_summary = ?, is_active = ?, updated_at = ?
+        WHERE id = ?
+      `).run(params.name ?? existing.name, params.description ?? existing.description, params.projectPath ?? existing.project_path, params.convoSummary ?? existing.convo_summary, params.isActive !== undefined ? (params.isActive ? 1 : 0) : existing.is_active, now, params.id);
+            return d.prepare(`SELECT * FROM projects WHERE id = ?`).get(params.id);
+        }
+    }
+    const id = params.id || generateId();
+    d.prepare(`
+    INSERT INTO projects (id, user_id, name, description, sandbox_id, project_path, convo_summary, is_active, created_at, updated_at)
+    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+  `).run(id, params.userId, params.name ?? null, params.description ?? null, params.sandboxId ?? null, params.projectPath ?? null, params.convoSummary ?? null, params.isActive ? 1 : 0, now, now);
+    return d.prepare(`SELECT * FROM projects WHERE id = ?`).get(id);
+}
+export function getProjects(userId, limit = 100) {
+    const d = getDb();
+    return d.prepare(`
+    SELECT * FROM projects WHERE user_id = ? ORDER BY created_at DESC LIMIT ?
+  `).all(userId, limit);
+}
+export function getProjectById(projectId) {
+    const d = getDb();
+    return d.prepare(`SELECT * FROM projects WHERE id = ?`).get(projectId) ?? null;
+}
+export function linkProjectToActivity(params) {
+    const d = getDb();
+    const id = generateId();
+    d.prepare(`
+    INSERT INTO request_projects (id, request_id, project_id, action, created_at)
+    VALUES (?, ?, ?, ?, ?)
+  `).run(id, params.requestId, params.projectId, params.action ?? null, new Date().toISOString());
+}
+//# sourceMappingURL=local-database.js.map

package/dist/db/local-database.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"local-database.js","sourceRoot":"","sources":["../../src/db/local-database.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAMnD,IAAI,EAAE,GAAoB,IAAI,CAAC;AAE/B;;GAEG;AACH,SAAS,SAAS;IAChB,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,WAAW,CAAC,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,SAAS,UAAU;IACjB,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;IACjC,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;SACrB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;SAC3C,IAAI,CAAC,EAAE,CAAC,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY;IAChC,IAAI,EAAE;QAAE,OAAO;IAEf,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,IAAI,CAAC;QACH,oEAAoE;QACpE,8DAA8D;QAC9D,MAAM,UAAU,GAAG,gBAAgB,CAAC;QACpC,MAAM,aAAa,GAAG,CAAC,MAAM,MAAM,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC;QACnF,EAAE,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,CAAC;QAE/B,yCAAyC;QACzC,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;QAEhC,gBAAgB;QAChB,EAAE,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KA2EP,CAAC,CAAC;QAEH,0EAA0E;QAC1E,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,YAAY,CAAC;YACnC,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,yBAAyB,CAAC,aAAa,CAAC,CAAC;YACxE,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACnB,EAAE,CAAC,IAAI,CAAC;;;;;OAKP,CAAC,CAAC;YACH,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,GAAG,CAAC,8EAA8E,CAAC,CAAC;QAC9F,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,gCAAgC,MAAM,EAAE,CAAC,CAAC;IACxD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;QAC5D,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,KAAK;IACZ,IAAI,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;IACjF,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa;IAC3B,IAAI,EAAE,EAAE,CAAC;QACP,EAAE,CAAC,KAAK,EAAE,CAAC;QACX,EAAE,GAAG,IAAI,CAAC;QACV,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAwBD,MAAM,UAAU,cAAc,CAAC,MAO9B;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;IACxB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,CAAC,CAAC,OAAO,CAAC;;;GAGT,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAEtH,8BAA8B;IAC9B,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QACzD,IAAI,CAAC;YACH,CAAC,CAAC,OAAO,CAAC,wEAAwE,CAAC,CAAC,GAAG,CACrF,EAAE,EACF,IAAI,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAC1C,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,wCAAwC;QAC1C,CAAC;IACH,CAAC;IAED,OAAO,CAAC,CAAC,OAAO,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,EAAE,CAAgB,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAShC;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,MAAM,MAAM,GAAa,CAAC,cAAc,EAAE,sBAAsB,EAAE,gBAAgB,CAAC,CAAC;IACpF,MAAM,MAAM,GAAc,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IAEjD,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IACD,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAChC,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC;IACD,IAAI,MAAM,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACpC,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAE/B,CAAC,CAAC,OAAO,CAAC,6BAA6B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC;IAExF,+BAA+B;IAC/B,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,IAAI,EAAE,CAAC;QACzD,IAAI,CAAC;YACH,CAAC,CAAC,OAAO,CAAC,mFAAmF,CAAC,CAAC,GAAG,CAChG,MAAM,CAAC,UAAU,EACjB,IAAI,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAC1C,CAAC;QACJ,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;IACH,CAAC;IAED,OAAO,CAAC,CAAC,OAAO,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,CAAgB,CAAC;AACtG,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,MAI5B;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,CAAC,CAAC,OAAO,CAAC;;GAET,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,QAAQ,IAAI,IAAI,EAAE,GAAG,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtE,OAAO,CAAC,CAAC,OAAO,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,CAAgB,CAAC;AACtG,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,UAAkB;IAChD,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAQ,CAAC,CAAC,OAAO,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,UAAU,CAAiB,IAAI,IAAI,CAAC;AACzG,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,MAAc,EAAE,QAAgB,EAAE;IAClE,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAO,CAAC,CAAC,OAAO,CAAC;;GAEhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAkB,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAAc,EAAE,MAAc,EAAE,QAAgB,EAAE;IACpF,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAO,CAAC,CAAC,OAAO,CAAC;;GAEhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAkB,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,MAAc,EAAE,cAA8B,EAAE,QAAgB,EAAE;IAC1G,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,CAAC,CAAC,OAAO,CAAC;;;;KAIhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,EAAE,KAAK,CAAkB,CAAC;IACzD,CAAC;IACD,OAAO,CAAC,CAAC,OAAO,CAAC;;;;GAIhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAkB,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,MAAc,EAAE,KAAa,EAAE,QAAgB,EAAE;IACxF,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,OAAO,GAAG,IAAI,KAAK,GAAG,CAAC;IAC7B,OAAO,CAAC,CAAC,OAAO,CAAC;;;;;GAKhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAkB,CAAC;AACpE,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CACvC,SAAmB,EACnB,MAAc,EACd,QAAgB,EAAE,EAClB,YAAoB,GAAG;IAEvB,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAElB,IAAI,CAAC;QACH,wBAAwB;QACxB,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC;QACxD,MAAM,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC;;;;;KAKtB,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,KAAK,GAAG,CAAC,CAAqD,CAAC;QAEpF,gEAAgE;QAChE,MAAM,OAAO,GAAgD,EAAE,CAAC;QAChE,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,UAAU,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC;YACpC,IAAI,UAAU,GAAG,SAAS;gBAAE,SAAS;YAErC,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC;;OAE1B,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,MAAM,CAA4B,CAAC;YAE3D,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,wBAAwB;QACxB,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAQ7C,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC;;GAEtB,CAAC,CAAC,GAAG,CAAC,MAAM,CAAkF,CAAC;IAEhG,IAAI,KAAK,GAAG,CAAC,EAAE,OAAO,GAAG,CAAC,EAAE,SAAS,GAAG,CAAC,EAAE,MAAM,GAAG,CAAC,CAAC;IACtD,IAAI,aAAa,GAAG,CAAC,EAAE,aAAa,GAAG,CAAC,CAAC;IACzC,IAAI,cAAc,GAAG,CAAC,EAAE,cAAc,GAAG,CAAC,CAAC;IAE3C,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,KAAK,EAAE,CAAC;QACR,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS;YAAE,OAAO,EAAE,CAAC;QACxC,IAAI,GAAG,CAAC,MAAM,KAAK,WAAW;YAAE,SAAS,EAAE,CAAC;QAC5C,IAAI,GAAG,CAAC,MAAM,KAAK,QAAQ;YAAE,MAAM,EAAE,CAAC;QACtC,IAAI,GAAG,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;YAAC,aAAa,IAAI,GAAG,CAAC,QAAQ,CAAC;YAAC,aAAa,EAAE,CAAC;QAAC,CAAC;QAC9E,IAAI,GAAG,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;YAAC,cAAc,IAAI,GAAG,CAAC,UAAU,CAAC;YAAC,cAAc,EAAE,CAAC;QAAC,CAAC;IACtF,CAAC;IAED,OAAO;QACL,KAAK;QACL,OAAO;QACP,SAAS;QACT,MAAM;QACN,WAAW,EAAE,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS;QACtF,YAAY,EAAE,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,cAAc,GAAG,cAAc,CAAC,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;KACvG,CAAC;AACJ,CAAC;AAmBD,MAAM,UAAU,WAAW,CAAC,MAQ3B;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,+DAA+D;IAC/D,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,2CAA2C,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAyB,CAAC;QACtH,IAAI,QAAQ,EAAE,CAAC;YACb,CAAC,CAAC,OAAO,CAAC;;;OAGT,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC,aAAa,IAAI,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC;YACnL,OAAO,CAAC,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAa,CAAC;QACrF,CAAC;IACH,CAAC;IAED,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;IACxB,CAAC,CAAC,OAAO,CAAC;;;GAGT,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,IAAI,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,IAAI,EAAE,MAAM,CAAC,aAAa,IAAI,IAAI,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAE5L,OAAO,CAAC,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAa,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,MAAc,EAAE,QAAgB,GAAG;IAC3D,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAO,CAAC,CAAC,OAAO,CAAC;;GAEhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAe,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,OAAe;IAC1C,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAQ,CAAC,CAAC,OAAO,CAAC,mCAAmC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAc,IAAI,IAAI,CAAC;AAC3F,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAInC;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;IACxB,CAAC,CAAC,OAAO,CAAC;;;GAGT,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;AAChG,CAAC;AAmBD,MAAM,UAAU,aAAa,CAAC,MAS7B;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,iCAAiC;IACjC,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;QACd,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,qCAAqC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAA2B,CAAC;QAC3G,IAAI,QAAQ,EAAE,CAAC;YACb,CAAC,CAAC,OAAO,CAAC;;;OAGT,CAAC,CAAC,GAAG,CACJ,MAAM,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,EAC5B,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC,WAAW,EAC1C,MAAM,CAAC,WAAW,IAAI,QAAQ,CAAC,YAAY,EAC3C,MAAM,CAAC,YAAY,IAAI,QAAQ,CAAC,aAAa,EAC7C,MAAM,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,EAC9E,GAAG,EACH,MAAM,CAAC,EAAE,CACV,CAAC;YACF,OAAO,CAAC,CAAC,OAAO,CAAC,qCAAqC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAe,CAAC;QACvF,CAAC;IACH,CAAC;IAED,MAAM,EAAE,GAAG,MAAM,CAAC,EAAE,IAAI,UAAU,EAAE,CAAC;IACrC,CAAC,CAAC,OAAO,CAAC;;;GAGT,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,IAAI,IAAI,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,MAAM,CAAC,WAAW,IAAI,IAAI,EAAE,MAAM,CAAC,YAAY,IAAI,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;IAEjM,OAAO,CAAC,CAAC,OAAO,CAAC,qCAAqC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAe,CAAC;AAChF,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAc,EAAE,QAAgB,GAAG;IAC7D,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAO,CAAC,CAAC,OAAO,CAAC;;GAEhB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAiB,CAAC;AACxC,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,SAAiB;IAC9C,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,OAAQ,CAAC,CAAC,OAAO,CAAC,qCAAqC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAgB,IAAI,IAAI,CAAC;AACjG,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,MAIrC;IACC,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,EAAE,GAAG,UAAU,EAAE,CAAC;IACxB,CAAC,CAAC,OAAO,CAAC;;;GAGT,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,MAAM,IAAI,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;AAClG,CAAC"}

package/dist/middleware/auth.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Auth Middleware — Bearer Token Authentication
+ * Validates CLIENT_API_TOKEN for all non-public endpoints.
+ * Part of Phase 1B: Direct Client → Sandbox Architecture.
+ */
+import type { Request, Response, NextFunction } from "express";
+/**
+ * Create auth middleware that validates Bearer tokens.
+ *
+ * @param clientApiToken - The expected token. If empty, ALL non-public requests are rejected.
+ */
+export declare function createAuthMiddleware(clientApiToken: string): (req: Request, res: Response, next: NextFunction) => void;
+//# sourceMappingURL=auth.d.ts.map

package/dist/middleware/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAgB/D;;;;GAIG;AACH,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,MAAM,IACjD,KAAK,OAAO,EAAE,KAAK,QAAQ,EAAE,MAAM,YAAY,KAAG,IAAI,CAiD/D"}

package/dist/middleware/auth.js

@@ -0,0 +1,67 @@
+/**
+ * Auth Middleware — Bearer Token Authentication
+ * Validates CLIENT_API_TOKEN for all non-public endpoints.
+ * Part of Phase 1B: Direct Client → Sandbox Architecture.
+ */
+/** Paths that skip auth (public endpoints) */
+const PUBLIC_PATHS = new Set([
+    "/api/health",
+    "/api/version",
+    "/",
+]);
+/** Path prefixes that skip auth (static files, dashboard) */
+const PUBLIC_PREFIXES = [
+    "/assets/",
+    "/public/",
+    "/favicon",
+];
+/**
+ * Create auth middleware that validates Bearer tokens.
+ *
+ * @param clientApiToken - The expected token. If empty, ALL non-public requests are rejected.
+ */
+export function createAuthMiddleware(clientApiToken) {
+    return (req, res, next) => {
+        // Skip auth for public paths
+        if (PUBLIC_PATHS.has(req.path)) {
+            next();
+            return;
+        }
+        // Skip auth for public prefixes (static files)
+        if (PUBLIC_PREFIXES.some((prefix) => req.path.startsWith(prefix))) {
+            next();
+            return;
+        }
+        // Skip auth for HTML page requests (dashboard SPA)
+        if (req.accepts("html") && !req.path.startsWith("/api/")) {
+            next();
+            return;
+        }
+        // If no token configured, reject all API requests
+        if (!clientApiToken) {
+            res.status(403).json({
+                error: "No CLIENT_API_TOKEN configured. Set CLIENT_API_TOKEN in .env to enable API access.",
+            });
+            return;
+        }
+        // Validate Bearer token
+        const authHeader = req.headers.authorization;
+        if (!authHeader) {
+            res.status(401).json({ error: "Missing Authorization header" });
+            return;
+        }
+        const parts = authHeader.split(" ");
+        if (parts.length !== 2 || parts[0] !== "Bearer") {
+            res.status(401).json({ error: "Invalid Authorization format. Expected: Bearer <token>" });
+            return;
+        }
+        const token = parts[1];
+        if (token !== clientApiToken) {
+            res.status(403).json({ error: "Invalid token" });
+            return;
+        }
+        // Token valid — proceed
+        next();
+    };
+}
+//# sourceMappingURL=auth.js.map

package/dist/middleware/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/middleware/auth.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,8CAA8C;AAC9C,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC;IAC3B,aAAa;IACb,cAAc;IACd,GAAG;CACJ,CAAC,CAAC;AAEH,6DAA6D;AAC7D,MAAM,eAAe,GAAG;IACtB,UAAU;IACV,UAAU;IACV,UAAU;CACX,CAAC;AAEF;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,cAAsB;IACzD,OAAO,CAAC,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAQ,EAAE;QAC/D,6BAA6B;QAC7B,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,+CAA+C;QAC/C,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAClE,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,mDAAmD;QACnD,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACzD,IAAI,EAAE,CAAC;YACP,OAAO;QACT,CAAC;QAED,kDAAkD;QAClD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,oFAAoF;aAC5F,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,wBAAwB;QACxB,MAAM,UAAU,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,8BAA8B,EAAE,CAAC,CAAC;YAChE,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YAChD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wDAAwD,EAAE,CAAC,CAAC;YAC1F,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,IAAI,KAAK,KAAK,cAAc,EAAE,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAAC;YACjD,OAAO;QACT,CAAC;QAED,wBAAwB;QACxB,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/dist/routes/db-ops.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Database API Routes — Local SQLite CRUD
+ * Activity, Assets, Projects, and vector search endpoints.
+ * Part of Phase 4: Direct Client → Sandbox Architecture.
+ */
+import { Router } from "express";
+export type DbOpsDeps = {
+    userId: string;
+};
+export declare function createDbOpsRouter(deps: DbOpsDeps): Router;
+//# sourceMappingURL=db-ops.d.ts.map

package/dist/routes/db-ops.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"db-ops.d.ts","sourceRoot":"","sources":["../../src/routes/db-ops.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAsBjC,MAAM,MAAM,SAAS,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;CAChB,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,SAAS,GAAG,MAAM,CA+RzD"}