@getpaseo/server 0.1.97 → 0.1.99

package/dist/server/server/speech/providers/openai/runtime.js

@@ -38,15 +38,14 @@ export function validateOpenAiCredentialRequirements(params) {
         missingOpenAiCredentialsFor.push("dictation.stt");
     }
     if (missingOpenAiCredentialsFor.length > 0) {
-        logger.error({
+        logger.warn({
             requestedProviders: {
                 dictationStt: providers.dictationStt.provider,
                 voiceStt: providers.voiceStt.provider,
                 voiceTts: providers.voiceTts.provider,
             },
             missingOpenAiCredentialsFor,
-        }, "Invalid speech configuration: OpenAI provider selected but credentials are missing");
-        throw new Error(`Missing OpenAI credentials for configured speech features: ${missingOpenAiCredentialsFor.join(", ")}`);
+        }, "Invalid speech configuration: OpenAI provider selected but credentials are missing — speech features will be unavailable");
     }
 }
 function createOpenAiStt(apiKey, openaiConfig, logger) {
@@ -105,7 +104,7 @@ export function initializeOpenAiSpeechServices(params) {
         }
     }
     else if (needsAnyOpenAi) {
-        logger.warn("OpenAI speech providers are configured but credentials are missing");
+        // validateOpenAiCredentialRequirements already warned about missing credentials
     }
     return {
         turnDetectionService,

package/dist/server/server/websocket-server.d.ts

@@ -93,6 +93,7 @@ export declare class VoiceAssistantWebSocketServer {
     private eventLoopDelayMonitor;
     private unsubscribeSpeechReadiness;
     private unsubscribeDaemonConfigChange;
+    private readonly providerUsageService;
     private unsubscribeTerminalActivity;
     constructor(server: HTTPServer, logger: pino.Logger, serverId: string, agentManager: AgentManager, agentStorage: AgentStorage, downloadTokenStore: DownloadTokenStore, paseoHome: string, daemonConfigStore: DaemonConfigStore, mcpBaseUrl: string | null, wsConfig: WebSocketServerConfig, auth?: DaemonAuthConfig, speech?: SpeechService | null, terminalManager?: TerminalManager | null, dictation?: {
         finalTimeoutMs?: number;

package/dist/server/server/websocket-server.js

@@ -14,6 +14,7 @@ import { buildAgentAttentionNotificationPayload, findLatestPermissionRequest, }
 import { createGitHubService } from "../services/github-service.js";
 import { extractWsBearerProtocol, extractWsBearerToken, isBearerTokenValid, } from "./auth.js";
 import { WebSocketRuntimeMetricsWindow, } from "./websocket/runtime-metrics.js";
+import { ProviderUsageService } from "../services/quota-fetcher/service.js";
 const WS_CLOSE_DAEMON_AUTH_FAILED = 4401;
 function resolveTerminalAttentionReason(input) {
     if (input.attentionReason === "finished")
@@ -298,6 +299,9 @@ export class VoiceAssistantWebSocketServer {
                 this.logger.warn({ err, agentId: params.agentId }, "Failed to broadcast agent attention");
             });
         });
+        this.providerUsageService = new ProviderUsageService({
+            logger: this.logger,
+        });
         this.wss = this.createWebSocketServer(server, wsConfig, auth);
         this.startRuntimeMetricsInterval();
         this.logger.info("WebSocket server initialized on /ws");
@@ -649,6 +653,7 @@ export class VoiceAssistantWebSocketServer {
             tts: () => this.speech?.resolveTts() ?? null,
             terminalManager: this.terminalManager,
             providerSnapshotManager: this.providerSnapshotManager,
+            providerUsageService: this.providerUsageService,
             serviceProxy: this.serviceProxy ?? undefined,
             scriptRuntimeStore: this.scriptRuntimeStore ?? undefined,
             workspaceSetupSnapshots: this.workspaceSetupSnapshots,
@@ -809,8 +814,14 @@ export class VoiceAssistantWebSocketServer {
                 workspaceMultiplicity: true,
                 // COMPAT(projectRemove): added in v0.1.97, drop the gate when floor >= v0.1.97.
                 projectRemove: true,
+                // COMPAT(projectAdd): added in v0.1.97, drop the gate when floor >= v0.1.97.
+                projectAdd: true,
                 // COMPAT(worktreeRestore): added in v0.1.97, drop the gate when floor >= v0.1.97
                 worktreeRestore: true,
+                // COMPAT(providerUsageList): added in v0.1.98, drop the gate when daemon floor >= v0.1.98.
+                providerUsageList: true,
+                // COMPAT(agentDetach): added in v0.1.98, remove gate after 2026-12-19 once daemon floor >= v0.1.98.
+                agentDetach: true,
             },
         };
     }

package/dist/server/server/workspace-archive-service.js

@@ -212,9 +212,8 @@ export async function killTerminalsForWorkspace(dependencies, workspaceId) {
         }
     }));
 }
-// Archiving the last workspace of a project leaves the project as a first-class
-// empty project — it persists until explicitly removed, so we never archive the
-// parent project here.
+// Archiving the last workspace of a project leaves the project record active.
+// The user removes the project explicitly, so we never archive the parent here.
 export async function archivePersistedWorkspaceRecord(input) {
     const existingWorkspace = await input.workspaceRegistry.get(input.workspaceId);
     if (!existingWorkspace) {

package/dist/server/server/workspace-directory.js

@@ -295,9 +295,9 @@ export class WorkspaceDirectory {
         const candidates = [...agentTimestamps, ...terminalTimestamps].sort();
         return candidates.at(-1) ?? null;
     }
-    // Project parents that have no active workspaces. These persist as first-class
-    // empty projects so the sidebar can render an empty project row with a
-    // "+ New workspace" affordance.
+    // Project parents that have no active workspaces. The wire field is the
+    // sidebar projection bucket for projects whose workspace list is currently
+    // empty; it is not a separate domain record.
     async listEmptyProjects() {
         const [persistedWorkspaces, persistedProjects] = await Promise.all([
             this.deps.workspaceRegistry.list(),
@@ -359,8 +359,8 @@ export class WorkspaceDirectory {
         const nextCursor = hasMore && pagedEntries.length > 0
             ? this.pager.encode(pagedEntries[pagedEntries.length - 1], sort)
             : null;
-        // Empty project parents ride only on the first page so the sidebar can render
-        // them without them being duplicated across pagination.
+        // Project parents with no active workspaces ride only on the first page so
+        // the sidebar can render them without duplicating them across pagination.
         const projectIdFilter = filter?.projectId?.trim();
         const emptyProjects = cursorToken
             ? []

package/dist/server/server/workspace-reconciliation-service.js

@@ -98,8 +98,8 @@ export class WorkspaceReconciliationService {
         // 2. Merge duplicate active project records that point at the same repo root.
         await this.mergeDuplicateProjectsByRoot(activeProjects, workspacesByProject, changes);
         // 3. Reconcile git metadata for active projects whose directories still exist.
-        //    A project with zero active workspaces is a first-class empty project — it
-        //    persists until explicitly removed and still reconciles its own metadata.
+        //    Projects persist until explicitly removed, even when they currently have
+        //    zero active workspaces, so they still reconcile their own metadata.
         //    Skip projects archived earlier in this pass (e.g. merged duplicates) so we
         //    don't resurrect them by upserting a stale, non-archived copy.
         const archivedProjectIds = new Set(changes

package/dist/server/server/worktree-core.d.ts

@@ -6,6 +6,7 @@ import type { WorkspaceGitService } from "./workspace-git-service.js";
 export interface CreateWorktreeCoreInput {
     cwd: string;
     worktreeSlug?: string;
+    branchName?: string;
     refName?: string;
     action?: "branch-off" | "checkout";
     githubPrNumber?: number;

package/dist/server/server/worktree-core.js

@@ -6,6 +6,9 @@ export async function createWorktreeCore(input, deps) {
     const requestedWorktreeSlug = input.worktreeSlug
         ? normalizeWorktreeSlug(input.worktreeSlug)
         : undefined;
+    const requestedBranchName = input.branchName
+        ? validateWorktreeSlug(input.branchName.trim())
+        : undefined;
     let intentInput;
     if (input.action === "checkout") {
         intentInput = {
@@ -27,6 +30,7 @@ export async function createWorktreeCore(input, deps) {
         intentInput = {
             action: "branch-off",
             refName: input.refName,
+            branchName: requestedBranchName,
             worktreeSlug,
         };
     }
@@ -37,7 +41,7 @@ export async function createWorktreeCore(input, deps) {
     let normalizedSlug;
     switch (intent.kind) {
         case "branch-off": {
-            normalizedSlug = intent.branchName;
+            normalizedSlug = requestedWorktreeSlug ?? normalizeWorktreeSlug(intent.branchName);
             break;
         }
         case "checkout-branch": {

package/dist/server/services/quota-fetcher/manifest.d.ts

@@ -0,0 +1,4 @@
+import type { ProviderUsageFetcher, ProviderUsageFetcherFactoryOptions, ProviderUsageFetcherManifestEntry } from "./provider.js";
+export declare const PROVIDER_USAGE_FETCHERS: readonly ProviderUsageFetcherManifestEntry[];
+export declare function createProviderUsageFetchers(options: ProviderUsageFetcherFactoryOptions): ProviderUsageFetcher[];
+//# sourceMappingURL=manifest.d.ts.map

package/dist/server/services/quota-fetcher/manifest.js

@@ -0,0 +1,47 @@
+import { ClaudeQuotaProvider } from "./providers/claude.js";
+import { CodexQuotaProvider } from "./providers/codex.js";
+import { CopilotQuotaProvider } from "./providers/copilot.js";
+import { CursorQuotaProvider } from "./providers/cursor.js";
+import { GrokQuotaProvider } from "./providers/grok.js";
+import { KimiQuotaProvider } from "./providers/kimi.js";
+import { ZaiQuotaProvider } from "./providers/zai.js";
+export const PROVIDER_USAGE_FETCHERS = [
+    {
+        providerId: "claude",
+        create: (options) => new ClaudeQuotaProvider({
+            logger: options.logger,
+            fetch: options.fetch,
+        }),
+    },
+    {
+        providerId: "codex",
+        create: (options) => new CodexQuotaProvider({
+            logger: options.logger,
+            fetch: options.fetch,
+        }),
+    },
+    {
+        providerId: "copilot",
+        create: (options) => new CopilotQuotaProvider({ logger: options.logger, fetch: options.fetch }),
+    },
+    {
+        providerId: "cursor",
+        create: (options) => new CursorQuotaProvider({ logger: options.logger, fetch: options.fetch }),
+    },
+    {
+        providerId: "zai",
+        create: (options) => new ZaiQuotaProvider({ logger: options.logger, fetch: options.fetch }),
+    },
+    {
+        providerId: "grok",
+        create: (options) => new GrokQuotaProvider({ logger: options.logger, fetch: options.fetch }),
+    },
+    {
+        providerId: "kimi",
+        create: (options) => new KimiQuotaProvider({ logger: options.logger, fetch: options.fetch }),
+    },
+];
+export function createProviderUsageFetchers(options) {
+    return PROVIDER_USAGE_FETCHERS.map((entry) => entry.create(options));
+}
+//# sourceMappingURL=manifest.js.map

package/dist/server/services/quota-fetcher/provider.d.ts

@@ -0,0 +1,17 @@
+import type { Logger } from "pino";
+import type { ProviderUsage } from "../../server/messages.js";
+export type ProviderApiFetch = typeof fetch;
+export interface ProviderUsageFetcher {
+    readonly providerId: string;
+    readonly displayName: string;
+    fetchUsage(): Promise<ProviderUsage>;
+}
+export interface ProviderUsageFetcherFactoryOptions {
+    logger: Logger;
+    fetch?: ProviderApiFetch;
+}
+export interface ProviderUsageFetcherManifestEntry {
+    readonly providerId: string;
+    create(options: ProviderUsageFetcherFactoryOptions): ProviderUsageFetcher;
+}
+//# sourceMappingURL=provider.d.ts.map

package/dist/server/services/quota-fetcher/provider.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=provider.js.map

package/dist/server/services/quota-fetcher/providers/claude.d.ts

@@ -0,0 +1,26 @@
+import type { Logger } from "pino";
+import type { ProviderUsage } from "../../../server/messages.js";
+import type { ProviderApiFetch, ProviderUsageFetcher } from "../provider.js";
+interface ClaudeQuotaProviderOptions {
+    logger: Logger;
+    claudeHome?: string;
+    claudeKeychainReader?: () => Promise<unknown | null>;
+    platform?: typeof process.platform;
+    fetch?: ProviderApiFetch;
+}
+export declare class ClaudeQuotaProvider implements ProviderUsageFetcher {
+    readonly providerId = "claude";
+    readonly displayName = "Claude";
+    private readonly claudeHome;
+    private readonly readKeychainCredentials;
+    private readonly platform;
+    private readonly fetchApi;
+    constructor(options: ClaudeQuotaProviderOptions);
+    fetchUsage(): Promise<ProviderUsage>;
+    private readCredentials;
+    private callClaudeApi;
+    private refreshClaudeToken;
+    private saveClaudeCredentials;
+}
+export {};
+//# sourceMappingURL=claude.d.ts.map

package/dist/server/services/quota-fetcher/providers/claude.js

@@ -0,0 +1,217 @@
+import { execFile } from "node:child_process";
+import { existsSync, promises as fs } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+import { promisify } from "node:util";
+import { z } from "zod";
+import { ApiNumberSchema, fetchProviderApi, unavailableUsage, windowFromUsedPct, } from "../usage.js";
+const execFileAsync = promisify(execFile);
+const CLAUDE_KEYCHAIN_TIMEOUT_MS = 2000;
+const CLAUDE_OAUTH_BETA = "oauth-2025-04-20";
+const CLAUDE_CLIENT_ID = "9d1c250a-e61b-44d9-88ed-5944d1962f5e";
+const CLAUDE_KEYCHAIN_SERVICE = "Claude Code-credentials";
+const ClaudeCredentialsSchema = z.object({
+    claudeAiOauth: z
+        .object({
+        accessToken: z.string().optional(),
+        refreshToken: z.string().optional(),
+        subscriptionType: z.string().optional(),
+        rateLimitTier: z.string().optional(),
+    })
+        .optional(),
+});
+const ClaudeUsageWindowSchema = z.object({
+    utilization: ApiNumberSchema,
+    resets_at: z.string().optional(),
+});
+const ClaudeUsageResponseSchema = z.object({
+    five_hour: ClaudeUsageWindowSchema.nullish(),
+    seven_day: ClaudeUsageWindowSchema.nullish(),
+    seven_day_opus: ClaudeUsageWindowSchema.nullish(),
+    seven_day_omelette: ClaudeUsageWindowSchema.nullish(),
+    extra_usage: z
+        .object({
+        is_enabled: z.boolean().optional(),
+    })
+        .nullish(),
+});
+const ClaudeTokenRefreshSchema = z.object({
+    access_token: z.string().optional(),
+    refresh_token: z.string().optional(),
+});
+function buildClaudePlan(subscriptionType, rateLimitTier) {
+    if (!subscriptionType)
+        return null;
+    const label = subscriptionType.charAt(0).toUpperCase() + subscriptionType.slice(1);
+    const tier = rateLimitTier?.split("_").pop();
+    return tier ? `${label} ${tier}` : label;
+}
+async function readClaudeKeychainCredentials() {
+    try {
+        const { stdout } = await execFileAsync("security", ["find-generic-password", "-s", CLAUDE_KEYCHAIN_SERVICE, "-w"], { timeout: CLAUDE_KEYCHAIN_TIMEOUT_MS });
+        const raw = stdout.trim();
+        if (!raw)
+            return null;
+        return JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+}
+export class ClaudeQuotaProvider {
+    constructor(options) {
+        this.providerId = "claude";
+        this.displayName = "Claude";
+        this.claudeHome =
+            options.claudeHome || process.env["CLAUDE_HOME"] || join(homedir(), ".claude");
+        this.readKeychainCredentials = options.claudeKeychainReader ?? readClaudeKeychainCredentials;
+        this.platform = options.platform ?? process.platform;
+        this.fetchApi = options.fetch ?? fetch;
+    }
+    async fetchUsage() {
+        const credentials = await this.readCredentials();
+        if (!credentials) {
+            return unavailableUsage(this);
+        }
+        const { oauth, filePath } = credentials;
+        const plan = buildClaudePlan(oauth.subscriptionType, oauth.rateLimitTier);
+        let resp = await this.callClaudeApi(oauth.accessToken);
+        if (resp === "NEEDS_AUTH") {
+            if (!filePath || !oauth.refreshToken) {
+                return unavailableUsage(this);
+            }
+            const refreshed = await this.refreshClaudeToken(oauth.refreshToken);
+            if (!refreshed?.access_token) {
+                return unavailableUsage(this);
+            }
+            await this.saveClaudeCredentials(filePath, {
+                ...oauth,
+                accessToken: refreshed.access_token,
+                refreshToken: refreshed.refresh_token ?? oauth.refreshToken,
+            });
+            resp = await this.callClaudeApi(refreshed.access_token);
+            if (resp === "NEEDS_AUTH") {
+                return unavailableUsage(this);
+            }
+        }
+        const windows = [];
+        if (resp.five_hour) {
+            windows.push(windowFromUsedPct({
+                id: "five_hour",
+                label: "Session",
+                utilizationPct: resp.five_hour.utilization,
+                resetsAt: resp.five_hour.resets_at ?? null,
+                tone: "ok",
+            }));
+        }
+        if (resp.seven_day) {
+            windows.push(windowFromUsedPct({
+                id: "weekly",
+                label: "Weekly",
+                utilizationPct: resp.seven_day.utilization,
+                resetsAt: resp.seven_day.resets_at ?? null,
+                tone: "ok",
+            }));
+        }
+        if (resp.seven_day_opus) {
+            windows.push(windowFromUsedPct({
+                id: "weekly_opus",
+                label: "Weekly · Opus",
+                utilizationPct: resp.seven_day_opus.utilization,
+                resetsAt: resp.seven_day_opus.resets_at ?? null,
+                tone: "ok",
+            }));
+        }
+        if (resp.seven_day_omelette) {
+            windows.push(windowFromUsedPct({
+                id: "weekly_omelette",
+                label: "Weekly · Omelette",
+                utilizationPct: resp.seven_day_omelette.utilization,
+                resetsAt: resp.seven_day_omelette.resets_at ?? null,
+                tone: "ok",
+            }));
+        }
+        const details = [];
+        const extraUsageEnabled = resp.extra_usage?.is_enabled;
+        if (extraUsageEnabled !== undefined) {
+            details.push({
+                id: "extra_usage",
+                label: "Extra usage",
+                value: extraUsageEnabled ? "Enabled" : "Disabled",
+            });
+        }
+        return {
+            providerId: this.providerId,
+            displayName: this.displayName,
+            status: "available",
+            planLabel: plan,
+            windows,
+            balances: [],
+            details,
+            error: null,
+        };
+    }
+    async readCredentials() {
+        const credPath = join(this.claudeHome, ".credentials.json");
+        if (existsSync(credPath)) {
+            try {
+                const creds = ClaudeCredentialsSchema.parse(JSON.parse(await fs.readFile(credPath, "utf8")));
+                const oauth = creds.claudeAiOauth;
+                if (oauth?.accessToken) {
+                    return { oauth: { ...oauth, accessToken: oauth.accessToken }, filePath: credPath };
+                }
+            }
+            catch {
+                // Fall through to the macOS Keychain below.
+            }
+        }
+        if (this.platform === "darwin") {
+            const creds = ClaudeCredentialsSchema.safeParse(await this.readKeychainCredentials());
+            const oauth = creds.success ? creds.data.claudeAiOauth : undefined;
+            if (oauth?.accessToken) {
+                return { oauth: { ...oauth, accessToken: oauth.accessToken }, filePath: null };
+            }
+        }
+        return null;
+    }
+    async callClaudeApi(token) {
+        const res = await fetchProviderApi(this.fetchApi, "https://api.anthropic.com/api/oauth/usage", {
+            headers: {
+                Authorization: `Bearer ${token}`,
+                Accept: "application/json",
+                "anthropic-beta": CLAUDE_OAUTH_BETA,
+            },
+        });
+        if (res.status === 401 || res.status === 403)
+            return "NEEDS_AUTH";
+        if (!res.ok)
+            throw new Error(`Claude usage API returned ${res.status}`);
+        return ClaudeUsageResponseSchema.parse(await res.json());
+    }
+    async refreshClaudeToken(refreshToken) {
+        const res = await fetchProviderApi(this.fetchApi, "https://platform.claude.com/v1/oauth/token", {
+            method: "POST",
+            headers: { "Content-Type": "application/json" },
+            body: JSON.stringify({
+                grant_type: "refresh_token",
+                refresh_token: refreshToken,
+                client_id: CLAUDE_CLIENT_ID,
+                scope: "user:profile user:inference user:sessions:claude_code user:mcp_servers",
+            }),
+        });
+        if (!res.ok)
+            return null;
+        return ClaudeTokenRefreshSchema.parse(await res.json());
+    }
+    async saveClaudeCredentials(credPath, oauth) {
+        try {
+            const existing = ClaudeCredentialsSchema.parse(JSON.parse(await fs.readFile(credPath, "utf8")));
+            existing.claudeAiOauth = oauth;
+            await fs.writeFile(credPath, JSON.stringify(existing, null, 2), { mode: 0o600 });
+        }
+        catch {
+            // Non-fatal; Claude Code can refresh again on its own next time.
+        }
+    }
+}
+//# sourceMappingURL=claude.js.map

package/dist/server/services/quota-fetcher/providers/codex.d.ts

@@ -0,0 +1,23 @@
+import type { Logger } from "pino";
+import type { ProviderUsage } from "../../../server/messages.js";
+import type { ProviderApiFetch, ProviderUsageFetcher } from "../provider.js";
+interface CodexQuotaProviderOptions {
+    logger: Logger;
+    codexHome?: string;
+    fetch?: ProviderApiFetch;
+}
+export declare class CodexQuotaProvider implements ProviderUsageFetcher {
+    readonly providerId = "codex";
+    readonly displayName = "Codex";
+    private readonly codexHome;
+    private readonly fetchApi;
+    constructor(options: CodexQuotaProviderOptions);
+    fetchUsage(): Promise<ProviderUsage>;
+    private toUsage;
+    private readCodexAuth;
+    private callCodexApi;
+    private refreshCodexToken;
+    private saveCodexAuth;
+}
+export {};
+//# sourceMappingURL=codex.d.ts.map