@haex-space/vault-sdk 3.1.0 → 3.2.0

package/dist/index.d.mts

@@ -1,7 +1,7 @@
-import { H as HaexVaultSdk } from './client-C0DPNG62.mjs';
-export { A as AuthorizedClient, B as BlockedClient, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, P as PendingAuthorization, t as PendingTransfer, u as PermissionsAPI, v as RemoteAddBackendRequest, w as RemoteS3Config, x as RemoteS3PublicConfig, R as RemoteStorageAPI, y as RemoteStorageBackendInfo, z as RemoteStorageObjectInfo, U as RemoteUpdateBackendRequest, C as RequestedExtension, G as SelectFileOptions, I as SelectFolderOptions, J as ServerInfo, M as ServerStatus, N as SessionAuthorization, O as SharedSpace, Q as ShellAPI, T as ShellCreateOptions, V as ShellCreateResponse, W as ShellExitEvent, X as ShellOutputEvent, Y as SpaceAccessTokenInfo, Z as SpaceAssignment, _ as SpaceInvite, $ as SpaceKeyGrantInfo, a0 as SpaceMemberInfo, a1 as SpacesAPI, a2 as SyncBackendInfo, a3 as TransferDirection, a4 as TransferProgress, a5 as TransferState, a6 as WebAPI, a7 as canExternalClientSendRequests, a8 as isExternalClientConnected } from './client-C0DPNG62.mjs';
-import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-DmCSegdY.mjs';
-export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-DmCSegdY.mjs';
+import { H as HaexVaultSdk } from './client-GeColu97.mjs';
+export { A as AuthorizedClient, B as BlockedClient, C as ConnectionSecurity, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, I as ImapConfig, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, M as MailAPI, t as MailAccount, u as MailAddress, v as MailAttachment, w as MailFetchRange, x as MailMessage, y as MailboxInfo, z as MessageEnvelope, O as OutgoingAttachment, G as OutgoingMessage, P as PasswordInput, J as PasswordItemFull, N as PasswordItemSummary, Q as PasswordKeyValue, R as PasswordKeyValueInput, T as PasswordsAPI, U as PendingAuthorization, V as PendingTransfer, W as PermissionsAPI, X as RemoteAddBackendRequest, Y as RemoteS3Config, Z as RemoteS3PublicConfig, _ as RemoteStorageAPI, $ as RemoteStorageBackendInfo, a0 as RemoteStorageObjectInfo, a1 as RemoteUpdateBackendRequest, a2 as RequestedExtension, a3 as SelectFileOptions, a4 as SelectFolderOptions, a5 as ServerInfo, a6 as ServerStatus, a7 as SessionAuthorization, a8 as SharedSpace, a9 as ShellAPI, aa as ShellCreateOptions, ab as ShellCreateResponse, ac as ShellExitEvent, ad as ShellOutputEvent, ae as SmtpConfig, af as SpaceAccessTokenInfo, ag as SpaceAssignment, ah as SpaceInvite, ai as SpaceKeyGrantInfo, aj as SpaceMemberInfo, ak as SpacesAPI, al as SyncBackendInfo, am as TransferDirection, an as TransferProgress, ao as TransferState, ap as WebAPI, aq as canExternalClientSendRequests, ar as isExternalClientConnected } from './client-GeColu97.mjs';
+import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-CDMBvvjl.mjs';
+export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-CDMBvvjl.mjs';
 export { H as HaextensionConfig } from './config-D_HXjsEV.mjs';
 import 'drizzle-orm/sqlite-proxy';
 
@@ -82,6 +82,59 @@ declare function installBaseTag(): void;
  */
 declare function installPolyfills(): void;
 
+/**
+ * Passwords Commands
+ *
+ * Commands for the core passwords vault. Extensions are scoped via
+ * permissions (`passwords` resource type, `target` = tag or "*").
+ *
+ * Naming convention: `extension_password_<action>`
+ */
+declare const PASSWORD_COMMANDS: {
+    /** List items (no secrets) within the extension's tag scope */
+    readonly list: "extension_password_list";
+    /** Read full item including secrets, by id */
+    readonly read: "extension_password_read";
+    /** Create item — must include >=1 tag in scope */
+    readonly create: "extension_password_create";
+    /** Update item — keeps >=1 tag in scope */
+    readonly update: "extension_password_update";
+    /** Delete item — must be in scope */
+    readonly delete: "extension_password_delete";
+};
+type PasswordCommand = (typeof PASSWORD_COMMANDS)[keyof typeof PASSWORD_COMMANDS];
+
+/**
+ * Mail Commands (IMAP fetch + SMTP send).
+ *
+ * Permissions are split protocol-wise: `fetch` covers all IMAP
+ * operations (list/read/flag/move/append), `send` covers SMTP. Target
+ * matches mail-server hostnames; subdomain match is supported, so
+ * target="gmail.com" grants access to "imap.gmail.com" and
+ * "smtp.gmail.com".
+ *
+ * Naming convention: `extension_mail_<action>`
+ */
+declare const MAIL_COMMANDS: {
+    /** LIST mailboxes + optional STATUS counts */
+    readonly listMailboxes: "extension_mail_list_mailboxes";
+    /** Lightweight envelope fetch for list views */
+    readonly fetchEnvelopes: "extension_mail_fetch_envelopes";
+    /** Full message fetch (envelope + body + attachment metadata) */
+    readonly fetchMessage: "extension_mail_fetch_message";
+    /** Set or unset IMAP flags on a UID set */
+    readonly setFlags: "extension_mail_set_flags";
+    /** MOVE messages between mailboxes (COPY+EXPUNGE fallback) */
+    readonly moveMessages: "extension_mail_move_messages";
+    /** APPEND a base64-encoded RFC822 message into a mailbox */
+    readonly appendMessage: "extension_mail_append_message";
+    /** SMTP send. Returns the assigned Message-ID. */
+    readonly sendMessage: "extension_mail_send_message";
+    /** Build RFC822 bytes without sending (for Drafts via APPEND) */
+    readonly buildRfc822: "extension_mail_build_rfc822";
+};
+type MailCommand = (typeof MAIL_COMMANDS)[keyof typeof MAIL_COMMANDS];
+
 /**
  * Sync Server API Types
  *
@@ -701,8 +754,25 @@ declare const TAURI_COMMANDS: {
         readonly resize: "extension_shell_resize";
         readonly close: "extension_shell_close";
     };
+    readonly passwords: {
+        readonly list: "extension_password_list";
+        readonly read: "extension_password_read";
+        readonly create: "extension_password_create";
+        readonly update: "extension_password_update";
+        readonly delete: "extension_password_delete";
+    };
+    readonly mail: {
+        readonly listMailboxes: "extension_mail_list_mailboxes";
+        readonly fetchEnvelopes: "extension_mail_fetch_envelopes";
+        readonly fetchMessage: "extension_mail_fetch_message";
+        readonly setFlags: "extension_mail_set_flags";
+        readonly moveMessages: "extension_mail_move_messages";
+        readonly appendMessage: "extension_mail_append_message";
+        readonly sendMessage: "extension_mail_send_message";
+        readonly buildRfc822: "extension_mail_build_rfc822";
+    };
 };
-type TauriCommand = (typeof DATABASE_COMMANDS)[keyof typeof DATABASE_COMMANDS] | (typeof PERMISSIONS_COMMANDS)[keyof typeof PERMISSIONS_COMMANDS] | (typeof WEB_COMMANDS)[keyof typeof WEB_COMMANDS] | (typeof WEB_STORAGE_COMMANDS)[keyof typeof WEB_STORAGE_COMMANDS] | (typeof FILESYSTEM_COMMANDS)[keyof typeof FILESYSTEM_COMMANDS] | (typeof EXTERNAL_BRIDGE_COMMANDS)[keyof typeof EXTERNAL_BRIDGE_COMMANDS] | (typeof EXTENSION_COMMANDS)[keyof typeof EXTENSION_COMMANDS] | (typeof REMOTE_STORAGE_COMMANDS)[keyof typeof REMOTE_STORAGE_COMMANDS] | (typeof LOCALSEND_COMMANDS)[keyof typeof LOCALSEND_COMMANDS] | (typeof SPACE_COMMANDS)[keyof typeof SPACE_COMMANDS] | (typeof SHELL_COMMANDS)[keyof typeof SHELL_COMMANDS];
+type TauriCommand = (typeof DATABASE_COMMANDS)[keyof typeof DATABASE_COMMANDS] | (typeof PERMISSIONS_COMMANDS)[keyof typeof PERMISSIONS_COMMANDS] | (typeof WEB_COMMANDS)[keyof typeof WEB_COMMANDS] | (typeof WEB_STORAGE_COMMANDS)[keyof typeof WEB_STORAGE_COMMANDS] | (typeof FILESYSTEM_COMMANDS)[keyof typeof FILESYSTEM_COMMANDS] | (typeof EXTERNAL_BRIDGE_COMMANDS)[keyof typeof EXTERNAL_BRIDGE_COMMANDS] | (typeof EXTENSION_COMMANDS)[keyof typeof EXTENSION_COMMANDS] | (typeof REMOTE_STORAGE_COMMANDS)[keyof typeof REMOTE_STORAGE_COMMANDS] | (typeof LOCALSEND_COMMANDS)[keyof typeof LOCALSEND_COMMANDS] | (typeof SPACE_COMMANDS)[keyof typeof SPACE_COMMANDS] | (typeof SHELL_COMMANDS)[keyof typeof SHELL_COMMANDS] | (typeof PASSWORD_COMMANDS)[keyof typeof PASSWORD_COMMANDS] | (typeof MAIL_COMMANDS)[keyof typeof MAIL_COMMANDS];
 
 interface VerifyResult {
     valid: boolean;
@@ -1023,4 +1093,4 @@ declare function exportKeyPairAsync(keyPair: PasskeyKeyPair): Promise<ExportedPa
 
 declare function createHaexVaultSdk(config?: HaexHubConfig): HaexVaultSdk;
 
-export { type AuthUser, COSE_ALGORITHM, type CoseAlgorithm, type CreateSpaceRequest, type ExportedPasskeyKeyPair, type ExportedUserKeypair, ExtensionManifest, HAEXSPACE_MESSAGE_TYPES, HaexHubConfig, HaexVaultSdk, type HaexspaceMessageType, type InviteMemberRequest, KEY_AGREEMENT_ALGO, type PasskeyKeyPair, type RegisterKeypairRequest, SIGNING_ALGO, SPACE_COMMANDS, type SealedData, type SignableRecord, SignedClaimPresentation, type SpaceCommand, type StorageConfig, type ErrorResponse as SyncServerErrorResponse, type ServerInfo as SyncServerInfo, type LoginRequest as SyncServerLoginRequest, type LoginResponse as SyncServerLoginResponse, type RefreshRequest as SyncServerRefreshRequest, TAURI_COMMANDS, type TauriCommand, type UserKeypair, type VerifyResult, type ZipFileEntry, arrayBufferToBase64, base58btcDecode, base58btcEncode, base64ToArrayBuffer, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceNameAsync, decryptString, decryptVaultKey, decryptVaultName, decryptWithPrivateKeyAsync, deriveKeyFromPassword, didKeyToPublicKeyAsync, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceNameAsync, encryptString, encryptVaultKey, encryptWithPublicKeyAsync, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generateIdentityAsync, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, publicKeyToDidKeyAsync, signClaimPresentationAsync, signRecordAsync, signSpaceChallengeAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyClaimPresentationAsync, verifyExtensionSignature, verifyRecordSignatureAsync, verifySpaceChallengeAsync, verifyWithPasskeyAsync, wrapKey };
+export { type AuthUser, COSE_ALGORITHM, type CoseAlgorithm, type CreateSpaceRequest, type ExportedPasskeyKeyPair, type ExportedUserKeypair, ExtensionManifest, HAEXSPACE_MESSAGE_TYPES, HaexHubConfig, HaexVaultSdk, type HaexspaceMessageType, type InviteMemberRequest, KEY_AGREEMENT_ALGO, MAIL_COMMANDS, type MailCommand, PASSWORD_COMMANDS, type PasskeyKeyPair, type PasswordCommand, type RegisterKeypairRequest, SIGNING_ALGO, SPACE_COMMANDS, type SealedData, type SignableRecord, SignedClaimPresentation, type SpaceCommand, type StorageConfig, type ErrorResponse as SyncServerErrorResponse, type ServerInfo as SyncServerInfo, type LoginRequest as SyncServerLoginRequest, type LoginResponse as SyncServerLoginResponse, type RefreshRequest as SyncServerRefreshRequest, TAURI_COMMANDS, type TauriCommand, type UserKeypair, type VerifyResult, type ZipFileEntry, arrayBufferToBase64, base58btcDecode, base58btcEncode, base64ToArrayBuffer, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceNameAsync, decryptString, decryptVaultKey, decryptVaultName, decryptWithPrivateKeyAsync, deriveKeyFromPassword, didKeyToPublicKeyAsync, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceNameAsync, encryptString, encryptVaultKey, encryptWithPublicKeyAsync, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generateIdentityAsync, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, publicKeyToDidKeyAsync, signClaimPresentationAsync, signRecordAsync, signSpaceChallengeAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyClaimPresentationAsync, verifyExtensionSignature, verifyRecordSignatureAsync, verifySpaceChallengeAsync, verifyWithPasskeyAsync, wrapKey };

package/dist/index.d.ts

@@ -1,7 +1,7 @@
-import { H as HaexVaultSdk } from './client-B_B6rLIw.js';
-export { A as AuthorizedClient, B as BlockedClient, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, P as PendingAuthorization, t as PendingTransfer, u as PermissionsAPI, v as RemoteAddBackendRequest, w as RemoteS3Config, x as RemoteS3PublicConfig, R as RemoteStorageAPI, y as RemoteStorageBackendInfo, z as RemoteStorageObjectInfo, U as RemoteUpdateBackendRequest, C as RequestedExtension, G as SelectFileOptions, I as SelectFolderOptions, J as ServerInfo, M as ServerStatus, N as SessionAuthorization, O as SharedSpace, Q as ShellAPI, T as ShellCreateOptions, V as ShellCreateResponse, W as ShellExitEvent, X as ShellOutputEvent, Y as SpaceAccessTokenInfo, Z as SpaceAssignment, _ as SpaceInvite, $ as SpaceKeyGrantInfo, a0 as SpaceMemberInfo, a1 as SpacesAPI, a2 as SyncBackendInfo, a3 as TransferDirection, a4 as TransferProgress, a5 as TransferState, a6 as WebAPI, a7 as canExternalClientSendRequests, a8 as isExternalClientConnected } from './client-B_B6rLIw.js';
-import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-DmCSegdY.js';
-export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-DmCSegdY.js';
+import { H as HaexVaultSdk } from './client-z1jTcuQE.js';
+export { A as AuthorizedClient, B as BlockedClient, C as ConnectionSecurity, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, I as ImapConfig, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, M as MailAPI, t as MailAccount, u as MailAddress, v as MailAttachment, w as MailFetchRange, x as MailMessage, y as MailboxInfo, z as MessageEnvelope, O as OutgoingAttachment, G as OutgoingMessage, P as PasswordInput, J as PasswordItemFull, N as PasswordItemSummary, Q as PasswordKeyValue, R as PasswordKeyValueInput, T as PasswordsAPI, U as PendingAuthorization, V as PendingTransfer, W as PermissionsAPI, X as RemoteAddBackendRequest, Y as RemoteS3Config, Z as RemoteS3PublicConfig, _ as RemoteStorageAPI, $ as RemoteStorageBackendInfo, a0 as RemoteStorageObjectInfo, a1 as RemoteUpdateBackendRequest, a2 as RequestedExtension, a3 as SelectFileOptions, a4 as SelectFolderOptions, a5 as ServerInfo, a6 as ServerStatus, a7 as SessionAuthorization, a8 as SharedSpace, a9 as ShellAPI, aa as ShellCreateOptions, ab as ShellCreateResponse, ac as ShellExitEvent, ad as ShellOutputEvent, ae as SmtpConfig, af as SpaceAccessTokenInfo, ag as SpaceAssignment, ah as SpaceInvite, ai as SpaceKeyGrantInfo, aj as SpaceMemberInfo, ak as SpacesAPI, al as SyncBackendInfo, am as TransferDirection, an as TransferProgress, ao as TransferState, ap as WebAPI, aq as canExternalClientSendRequests, ar as isExternalClientConnected } from './client-z1jTcuQE.js';
+import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-CDMBvvjl.js';
+export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-CDMBvvjl.js';
 export { H as HaextensionConfig } from './config-D_HXjsEV.js';
 import 'drizzle-orm/sqlite-proxy';
 
@@ -82,6 +82,59 @@ declare function installBaseTag(): void;
  */
 declare function installPolyfills(): void;
 
+/**
+ * Passwords Commands
+ *
+ * Commands for the core passwords vault. Extensions are scoped via
+ * permissions (`passwords` resource type, `target` = tag or "*").
+ *
+ * Naming convention: `extension_password_<action>`
+ */
+declare const PASSWORD_COMMANDS: {
+    /** List items (no secrets) within the extension's tag scope */
+    readonly list: "extension_password_list";
+    /** Read full item including secrets, by id */
+    readonly read: "extension_password_read";
+    /** Create item — must include >=1 tag in scope */
+    readonly create: "extension_password_create";
+    /** Update item — keeps >=1 tag in scope */
+    readonly update: "extension_password_update";
+    /** Delete item — must be in scope */
+    readonly delete: "extension_password_delete";
+};
+type PasswordCommand = (typeof PASSWORD_COMMANDS)[keyof typeof PASSWORD_COMMANDS];
+
+/**
+ * Mail Commands (IMAP fetch + SMTP send).
+ *
+ * Permissions are split protocol-wise: `fetch` covers all IMAP
+ * operations (list/read/flag/move/append), `send` covers SMTP. Target
+ * matches mail-server hostnames; subdomain match is supported, so
+ * target="gmail.com" grants access to "imap.gmail.com" and
+ * "smtp.gmail.com".
+ *
+ * Naming convention: `extension_mail_<action>`
+ */
+declare const MAIL_COMMANDS: {
+    /** LIST mailboxes + optional STATUS counts */
+    readonly listMailboxes: "extension_mail_list_mailboxes";
+    /** Lightweight envelope fetch for list views */
+    readonly fetchEnvelopes: "extension_mail_fetch_envelopes";
+    /** Full message fetch (envelope + body + attachment metadata) */
+    readonly fetchMessage: "extension_mail_fetch_message";
+    /** Set or unset IMAP flags on a UID set */
+    readonly setFlags: "extension_mail_set_flags";
+    /** MOVE messages between mailboxes (COPY+EXPUNGE fallback) */
+    readonly moveMessages: "extension_mail_move_messages";
+    /** APPEND a base64-encoded RFC822 message into a mailbox */
+    readonly appendMessage: "extension_mail_append_message";
+    /** SMTP send. Returns the assigned Message-ID. */
+    readonly sendMessage: "extension_mail_send_message";
+    /** Build RFC822 bytes without sending (for Drafts via APPEND) */
+    readonly buildRfc822: "extension_mail_build_rfc822";
+};
+type MailCommand = (typeof MAIL_COMMANDS)[keyof typeof MAIL_COMMANDS];
+
 /**
  * Sync Server API Types
  *
@@ -701,8 +754,25 @@ declare const TAURI_COMMANDS: {
         readonly resize: "extension_shell_resize";
         readonly close: "extension_shell_close";
     };
+    readonly passwords: {
+        readonly list: "extension_password_list";
+        readonly read: "extension_password_read";
+        readonly create: "extension_password_create";
+        readonly update: "extension_password_update";
+        readonly delete: "extension_password_delete";
+    };
+    readonly mail: {
+        readonly listMailboxes: "extension_mail_list_mailboxes";
+        readonly fetchEnvelopes: "extension_mail_fetch_envelopes";
+        readonly fetchMessage: "extension_mail_fetch_message";
+        readonly setFlags: "extension_mail_set_flags";
+        readonly moveMessages: "extension_mail_move_messages";
+        readonly appendMessage: "extension_mail_append_message";
+        readonly sendMessage: "extension_mail_send_message";
+        readonly buildRfc822: "extension_mail_build_rfc822";
+    };
 };
-type TauriCommand = (typeof DATABASE_COMMANDS)[keyof typeof DATABASE_COMMANDS] | (typeof PERMISSIONS_COMMANDS)[keyof typeof PERMISSIONS_COMMANDS] | (typeof WEB_COMMANDS)[keyof typeof WEB_COMMANDS] | (typeof WEB_STORAGE_COMMANDS)[keyof typeof WEB_STORAGE_COMMANDS] | (typeof FILESYSTEM_COMMANDS)[keyof typeof FILESYSTEM_COMMANDS] | (typeof EXTERNAL_BRIDGE_COMMANDS)[keyof typeof EXTERNAL_BRIDGE_COMMANDS] | (typeof EXTENSION_COMMANDS)[keyof typeof EXTENSION_COMMANDS] | (typeof REMOTE_STORAGE_COMMANDS)[keyof typeof REMOTE_STORAGE_COMMANDS] | (typeof LOCALSEND_COMMANDS)[keyof typeof LOCALSEND_COMMANDS] | (typeof SPACE_COMMANDS)[keyof typeof SPACE_COMMANDS] | (typeof SHELL_COMMANDS)[keyof typeof SHELL_COMMANDS];
+type TauriCommand = (typeof DATABASE_COMMANDS)[keyof typeof DATABASE_COMMANDS] | (typeof PERMISSIONS_COMMANDS)[keyof typeof PERMISSIONS_COMMANDS] | (typeof WEB_COMMANDS)[keyof typeof WEB_COMMANDS] | (typeof WEB_STORAGE_COMMANDS)[keyof typeof WEB_STORAGE_COMMANDS] | (typeof FILESYSTEM_COMMANDS)[keyof typeof FILESYSTEM_COMMANDS] | (typeof EXTERNAL_BRIDGE_COMMANDS)[keyof typeof EXTERNAL_BRIDGE_COMMANDS] | (typeof EXTENSION_COMMANDS)[keyof typeof EXTENSION_COMMANDS] | (typeof REMOTE_STORAGE_COMMANDS)[keyof typeof REMOTE_STORAGE_COMMANDS] | (typeof LOCALSEND_COMMANDS)[keyof typeof LOCALSEND_COMMANDS] | (typeof SPACE_COMMANDS)[keyof typeof SPACE_COMMANDS] | (typeof SHELL_COMMANDS)[keyof typeof SHELL_COMMANDS] | (typeof PASSWORD_COMMANDS)[keyof typeof PASSWORD_COMMANDS] | (typeof MAIL_COMMANDS)[keyof typeof MAIL_COMMANDS];
 
 interface VerifyResult {
     valid: boolean;
@@ -1023,4 +1093,4 @@ declare function exportKeyPairAsync(keyPair: PasskeyKeyPair): Promise<ExportedPa
 
 declare function createHaexVaultSdk(config?: HaexHubConfig): HaexVaultSdk;
 
-export { type AuthUser, COSE_ALGORITHM, type CoseAlgorithm, type CreateSpaceRequest, type ExportedPasskeyKeyPair, type ExportedUserKeypair, ExtensionManifest, HAEXSPACE_MESSAGE_TYPES, HaexHubConfig, HaexVaultSdk, type HaexspaceMessageType, type InviteMemberRequest, KEY_AGREEMENT_ALGO, type PasskeyKeyPair, type RegisterKeypairRequest, SIGNING_ALGO, SPACE_COMMANDS, type SealedData, type SignableRecord, SignedClaimPresentation, type SpaceCommand, type StorageConfig, type ErrorResponse as SyncServerErrorResponse, type ServerInfo as SyncServerInfo, type LoginRequest as SyncServerLoginRequest, type LoginResponse as SyncServerLoginResponse, type RefreshRequest as SyncServerRefreshRequest, TAURI_COMMANDS, type TauriCommand, type UserKeypair, type VerifyResult, type ZipFileEntry, arrayBufferToBase64, base58btcDecode, base58btcEncode, base64ToArrayBuffer, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceNameAsync, decryptString, decryptVaultKey, decryptVaultName, decryptWithPrivateKeyAsync, deriveKeyFromPassword, didKeyToPublicKeyAsync, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceNameAsync, encryptString, encryptVaultKey, encryptWithPublicKeyAsync, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generateIdentityAsync, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, publicKeyToDidKeyAsync, signClaimPresentationAsync, signRecordAsync, signSpaceChallengeAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyClaimPresentationAsync, verifyExtensionSignature, verifyRecordSignatureAsync, verifySpaceChallengeAsync, verifyWithPasskeyAsync, wrapKey };
+export { type AuthUser, COSE_ALGORITHM, type CoseAlgorithm, type CreateSpaceRequest, type ExportedPasskeyKeyPair, type ExportedUserKeypair, ExtensionManifest, HAEXSPACE_MESSAGE_TYPES, HaexHubConfig, HaexVaultSdk, type HaexspaceMessageType, type InviteMemberRequest, KEY_AGREEMENT_ALGO, MAIL_COMMANDS, type MailCommand, PASSWORD_COMMANDS, type PasskeyKeyPair, type PasswordCommand, type RegisterKeypairRequest, SIGNING_ALGO, SPACE_COMMANDS, type SealedData, type SignableRecord, SignedClaimPresentation, type SpaceCommand, type StorageConfig, type ErrorResponse as SyncServerErrorResponse, type ServerInfo as SyncServerInfo, type LoginRequest as SyncServerLoginRequest, type LoginResponse as SyncServerLoginResponse, type RefreshRequest as SyncServerRefreshRequest, TAURI_COMMANDS, type TauriCommand, type UserKeypair, type VerifyResult, type ZipFileEntry, arrayBufferToBase64, base58btcDecode, base58btcEncode, base64ToArrayBuffer, createHaexVaultSdk, decryptCrdtData, decryptPrivateKeyAsync, decryptSpaceNameAsync, decryptString, decryptVaultKey, decryptVaultName, decryptWithPrivateKeyAsync, deriveKeyFromPassword, didKeyToPublicKeyAsync, encryptCrdtData, encryptPrivateKeyAsync, encryptSpaceNameAsync, encryptString, encryptVaultKey, encryptWithPublicKeyAsync, exportKeyPairAsync, exportPrivateKeyAsync, exportPublicKeyAsync, exportPublicKeyCoseAsync, exportUserKeypairAsync, generateCredentialId, generateIdentityAsync, generatePasskeyPairAsync, generateSpaceKey, generateUserKeypairAsync, generateVaultKey, hexToBytes, importPrivateKeyAsync, importPrivateKeyForKeyAgreementAsync, importPublicKeyAsync, importPublicKeyForKeyAgreementAsync, importUserPrivateKeyAsync, importUserPublicKeyAsync, installBaseTag, installCookiePolyfill, installHistoryPolyfill, installLocalStoragePolyfill, installPolyfills, installSessionStoragePolyfill, publicKeyToDidKeyAsync, signClaimPresentationAsync, signRecordAsync, signSpaceChallengeAsync, signWithPasskeyAsync, sortObjectKeysRecursively, unwrapKey, verifyClaimPresentationAsync, verifyExtensionSignature, verifyRecordSignatureAsync, verifySpaceChallengeAsync, verifyWithPasskeyAsync, wrapKey };

package/dist/index.js

@@ -1049,6 +1049,40 @@ var SHELL_COMMANDS = {
   close: "extension_shell_close"
 };
 
+// src/commands/passwords.ts
+var PASSWORD_COMMANDS = {
+  /** List items (no secrets) within the extension's tag scope */
+  list: "extension_password_list",
+  /** Read full item including secrets, by id */
+  read: "extension_password_read",
+  /** Create item — must include >=1 tag in scope */
+  create: "extension_password_create",
+  /** Update item — keeps >=1 tag in scope */
+  update: "extension_password_update",
+  /** Delete item — must be in scope */
+  delete: "extension_password_delete"
+};
+
+// src/commands/mail.ts
+var MAIL_COMMANDS = {
+  /** LIST mailboxes + optional STATUS counts */
+  listMailboxes: "extension_mail_list_mailboxes",
+  /** Lightweight envelope fetch for list views */
+  fetchEnvelopes: "extension_mail_fetch_envelopes",
+  /** Full message fetch (envelope + body + attachment metadata) */
+  fetchMessage: "extension_mail_fetch_message",
+  /** Set or unset IMAP flags on a UID set */
+  setFlags: "extension_mail_set_flags",
+  /** MOVE messages between mailboxes (COPY+EXPUNGE fallback) */
+  moveMessages: "extension_mail_move_messages",
+  /** APPEND a base64-encoded RFC822 message into a mailbox */
+  appendMessage: "extension_mail_append_message",
+  /** SMTP send. Returns the assigned Message-ID. */
+  sendMessage: "extension_mail_send_message",
+  /** Build RFC822 bytes without sending (for Drafts via APPEND) */
+  buildRfc822: "extension_mail_build_rfc822"
+};
+
 // src/commands/index.ts
 var TAURI_COMMANDS = {
   database: DATABASE_COMMANDS,
@@ -1061,7 +1095,9 @@ var TAURI_COMMANDS = {
   remoteStorage: REMOTE_STORAGE_COMMANDS,
   localsend: LOCALSEND_COMMANDS,
   spaces: SPACE_COMMANDS,
-  shell: SHELL_COMMANDS
+  shell: SHELL_COMMANDS,
+  passwords: PASSWORD_COMMANDS,
+  mail: MAIL_COMMANDS
 };
 
 // src/api/storage.ts
@@ -1087,6 +1123,12 @@ var StorageAPI = class {
 };
 
 // src/api/database.ts
+function quoteIdent(identifier) {
+  if (identifier.startsWith('"') && identifier.endsWith('"')) {
+    return identifier;
+  }
+  return `"${identifier.replace(/"/g, '""')}"`;
+}
 var DatabaseAPI = class {
   constructor(client) {
     this.client = client;
@@ -1117,11 +1159,11 @@ var DatabaseAPI = class {
     });
   }
   async createTable(tableName, columns) {
-    const query = `CREATE TABLE IF NOT EXISTS ${tableName} (${columns})`;
+    const query = `CREATE TABLE IF NOT EXISTS ${quoteIdent(tableName)} (${columns})`;
     await this.execute(query);
   }
   async dropTable(tableName) {
-    const query = `DROP TABLE IF EXISTS ${tableName}`;
+    const query = `DROP TABLE IF EXISTS ${quoteIdent(tableName)}`;
     await this.execute(query);
   }
   /**
@@ -1150,18 +1192,17 @@ var DatabaseAPI = class {
   async insert(tableName, data) {
     const keys = Object.keys(data);
     const values = Object.values(data);
+    const quotedCols = keys.map(quoteIdent).join(", ");
     const placeholders = keys.map(() => "?").join(", ");
-    const query = `INSERT INTO ${tableName} (${keys.join(
-      ", "
-    )}) VALUES (${placeholders})`;
+    const query = `INSERT INTO ${quoteIdent(tableName)} (${quotedCols}) VALUES (${placeholders})`;
     const result = await this.execute(query, values);
     return result.lastInsertId ?? -1;
   }
   async update(tableName, data, where, whereParams) {
     const keys = Object.keys(data);
     const values = Object.values(data);
-    const setClause = keys.map((key) => `${key} = ?`).join(", ");
-    const query = `UPDATE ${tableName} SET ${setClause} WHERE ${where}`;
+    const setClause = keys.map((key) => `${quoteIdent(key)} = ?`).join(", ");
+    const query = `UPDATE ${quoteIdent(tableName)} SET ${setClause} WHERE ${where}`;
     const result = await this.execute(query, [
       ...values,
       ...whereParams || []
@@ -1169,12 +1210,12 @@ var DatabaseAPI = class {
     return result.rowsAffected;
   }
   async delete(tableName, where, whereParams) {
-    const query = `DELETE FROM ${tableName} WHERE ${where}`;
+    const query = `DELETE FROM ${quoteIdent(tableName)} WHERE ${where}`;
     const result = await this.execute(query, whereParams);
     return result.rowsAffected;
   }
   async count(tableName, where, whereParams) {
-    const query = where ? `SELECT COUNT(*) as count FROM ${tableName} WHERE ${where}` : `SELECT COUNT(*) as count FROM ${tableName}`;
+    const query = where ? `SELECT COUNT(*) as count FROM ${quoteIdent(tableName)} WHERE ${where}` : `SELECT COUNT(*) as count FROM ${quoteIdent(tableName)}`;
     const result = await this.queryOne(query, whereParams);
     return result?.count ?? 0;
   }
@@ -2005,6 +2046,140 @@ var ShellAPI = class {
   }
 };
 
+// src/api/passwords.ts
+var PasswordsAPI = class {
+  constructor(client) {
+    this.client = client;
+  }
+  /** List items in scope — summaries only, no secrets. */
+  async listAsync() {
+    return this.client.request(
+      PASSWORD_COMMANDS.list,
+      {}
+    );
+  }
+  /** Read a single item by id with full secrets. */
+  async readAsync(itemId) {
+    return this.client.request(PASSWORD_COMMANDS.read, {
+      itemId
+    });
+  }
+  /**
+   * Create a new password item. `input.tags` must contain at least one
+   * tag within the extension's permission scope, otherwise the write
+   * is rejected as a security violation.
+   *
+   * Returns the new item id.
+   */
+  async createAsync(input) {
+    return this.client.request(PASSWORD_COMMANDS.create, { input });
+  }
+  /**
+   * Update an existing item. The item must already be in scope, and
+   * the new tag set must keep at least one tag in scope (extensions
+   * cannot orphan an item out of their own reach).
+   */
+  async updateAsync(itemId, input) {
+    return this.client.request(PASSWORD_COMMANDS.update, {
+      itemId,
+      input
+    });
+  }
+  /** Delete an item by id. Item must be in scope. */
+  async deleteAsync(itemId) {
+    return this.client.request(PASSWORD_COMMANDS.delete, { itemId });
+  }
+};
+
+// src/api/mail.ts
+var MailAPI = class {
+  constructor(client) {
+    this.client = client;
+  }
+  /**
+   * LIST mailboxes for an IMAP account. Pass `includeStatus=true` for
+   * EXISTS/UNSEEN/UIDVALIDITY/UIDNEXT per box (one extra round-trip
+   * per mailbox — fine for typical accounts, expensive for large
+   * trees).
+   */
+  async listMailboxesAsync(imap, options = {}) {
+    return this.client.request(MAIL_COMMANDS.listMailboxes, {
+      imap,
+      reference: options.reference,
+      pattern: options.pattern,
+      includeStatus: options.includeStatus
+    });
+  }
+  /** Fetch lightweight envelopes for a mailbox + range (for list views). */
+  async fetchEnvelopesAsync(imap, mailbox, range) {
+    return this.client.request(
+      MAIL_COMMANDS.fetchEnvelopes,
+      { imap, mailbox, range }
+    );
+  }
+  /** Fetch a full message (envelope + body + attachment metadata) by UID. */
+  async fetchMessageAsync(imap, mailbox, uid) {
+    return this.client.request(MAIL_COMMANDS.fetchMessage, {
+      imap,
+      mailbox,
+      uid
+    });
+  }
+  /**
+   * Set or unset IMAP flags. Use `flags=["\\Seen"]` + `add=true` to
+   * mark messages as read; `add=false` removes the flag(s).
+   */
+  async setFlagsAsync(imap, mailbox, uids, flags, add) {
+    return this.client.request(MAIL_COMMANDS.setFlags, {
+      imap,
+      mailbox,
+      uids,
+      flags,
+      add
+    });
+  }
+  /** Move messages between mailboxes. Falls back to COPY+EXPUNGE on servers without MOVE. */
+  async moveMessagesAsync(imap, sourceMailbox, destinationMailbox, uids) {
+    return this.client.request(MAIL_COMMANDS.moveMessages, {
+      imap,
+      sourceMailbox,
+      destinationMailbox,
+      uids
+    });
+  }
+  /**
+   * APPEND a base64-encoded RFC822 message into a mailbox. Combine
+   * with `buildRfc822Async` to save drafts, or with the bytes returned
+   * after `sendMessageAsync` to mirror the sent copy into "Sent".
+   */
+  async appendMessageAsync(imap, mailbox, rfc822Base64, flags) {
+    return this.client.request(MAIL_COMMANDS.appendMessage, {
+      imap,
+      mailbox,
+      rfc822Base64,
+      flags
+    });
+  }
+  /** Send a message via SMTP. Returns the assigned Message-ID (no angle brackets). */
+  async sendMessageAsync(smtp, message) {
+    return this.client.request(MAIL_COMMANDS.sendMessage, {
+      smtp,
+      message
+    });
+  }
+  /**
+   * Build RFC822 bytes for a message without sending — useful for
+   * drafts that get APPENDed to a "Drafts" folder. Permission-wise
+   * this is a fetch operation (no SMTP host involved).
+   */
+  async buildRfc822Async(imapHost, message) {
+    return this.client.request(MAIL_COMMANDS.buildRfc822, {
+      imapHost,
+      message
+    });
+  }
+};
+
 // src/client/tableName.ts
 function validatePublicKey(publicKey) {
   if (!publicKey || typeof publicKey !== "string" || publicKey.trim() === "") {
@@ -2361,7 +2536,7 @@ async function initIframeMode(ctx, log, messageHandler, request) {
       publicKey: ctx.config.manifest.publicKey,
       name: ctx.config.manifest.name,
       version: ctx.config.manifest.version,
-      displayName: ctx.config.manifest.name
+      displayName: ctx.config.manifest.displayName ?? ctx.config.manifest.name
     };
     log("Extension info loaded from manifest:", ctx.state.extensionInfo);
   }
@@ -2552,11 +2727,10 @@ function processEvent(event, log, eventListeners, onContextChanged, onExternalRe
   emitEvent(event, log, eventListeners);
 }
 function emitEvent(event, log, eventListeners) {
-  console.log("[HaexVault SDK] emitEvent called with:", event.type, event);
-  console.log("[HaexVault SDK] Registered event types:", Array.from(eventListeners.keys()));
-  log("Event received:", event);
+  log("emitEvent called with:", event.type, event);
+  log("Registered event types:", Array.from(eventListeners.keys()));
   const listeners = eventListeners.get(event.type);
-  console.log("[HaexVault SDK] Listeners for", event.type, ":", listeners?.size ?? 0);
+  log("Listeners for", event.type, ":", listeners?.size ?? 0);
   if (listeners) {
     listeners.forEach((callback) => callback(event));
   }
@@ -2653,9 +2827,9 @@ function registerExternalHandler(action, handler, handlers, log) {
   };
 }
 async function handleExternalRequest(request, handlers, respond, log) {
-  console.log("[SDK Debug] handleExternalRequest called!");
-  console.log("[SDK Debug] Request:", JSON.stringify(request, null, 2));
-  console.log("[SDK Debug] Available handlers:", Array.from(handlers.keys()));
+  log("handleExternalRequest called");
+  log("Request:", request);
+  log("Available handlers:", Array.from(handlers.keys()));
   log(`[ExternalRequest] Received request: ${request.action} from ${request.publicKey.substring(0, 20)}...`);
   const handler = handlers.get(request.action);
   if (!handler) {
@@ -2681,7 +2855,6 @@ async function handleExternalRequest(request, handlers, respond, log) {
   }
 }
 async function respondToExternalRequest(response, request) {
-  console.log("[SDK Debug] respondToExternalRequest called with:", JSON.stringify(response, null, 2));
   await request(EXTERNAL_BRIDGE_COMMANDS.respond, response);
 }
 
@@ -2739,11 +2912,17 @@ var HaexVaultSdk = class {
     this.localsend = new LocalSendAPI(this);
     this.spaces = new SpacesAPI(this);
     this.shell = new ShellAPI(this);
+    this.passwords = new PasswordsAPI(this);
+    this.mail = new MailAPI(this);
     installConsoleForwarding(this.config.debug);
-    this.readyPromise = new Promise((resolve) => {
+    this.readyPromise = new Promise((resolve, reject) => {
       this.resolveReady = resolve;
+      this.rejectReady = reject;
+    });
+    this.init().catch((error) => {
+      this.log("Init failed:", error);
+      this.rejectReady(error);
     });
-    this.init();
   }
   // ==========================================================================
   // Lifecycle
@@ -2771,9 +2950,14 @@ var HaexVaultSdk = class {
     return this.setupPromise;
   }
   destroy() {
-    if (this.messageHandler) {
-      window.removeEventListener("message", this.messageHandler);
+    if (this.messageHandler && this.hostPort) {
+      this.hostPort.removeEventListener("message", this.messageHandler);
+    }
+    if (this.hostPort) {
+      this.hostPort.close();
+      this.hostPort = null;
     }
+    this.messageHandler = null;
     this.pendingRequests.forEach(({ timeout }) => clearTimeout(timeout));
     this.pendingRequests.clear();
     this.eventListeners.clear();
@@ -3001,7 +3185,7 @@ var HaexVaultSdk = class {
         publicKey: this.config.manifest.publicKey,
         name: this.config.manifest.name,
         version: this.config.manifest.version,
-        displayName: this.config.manifest.name
+        displayName: this.config.manifest.displayName ?? this.config.manifest.name
       };
       this.notifySubscribersInternal();
     }
@@ -3671,6 +3855,10 @@ exports.HaexVaultSdkError = HaexVaultSdkError;
 exports.KnownPath = KnownPath;
 exports.LOCALSEND_EVENTS = LOCALSEND_EVENTS;
 exports.LocalSendAPI = LocalSendAPI;
+exports.MAIL_COMMANDS = MAIL_COMMANDS;
+exports.MailAPI = MailAPI;
+exports.PASSWORD_COMMANDS = PASSWORD_COMMANDS;
+exports.PasswordsAPI = PasswordsAPI;
 exports.PermissionErrorCode = PermissionErrorCode;
 exports.PermissionStatus = PermissionStatus;
 exports.PermissionsAPI = PermissionsAPI;