npm - @haex-space/vault-sdk - Versions diffs - 3.2.7 → 3.2.8 - Mend

@haex-space/vault-sdk 3.2.7 → 3.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/dist/{client-Bbm83Oy6.d.mts → client-BBD-YsPv.d.ts} +2 -1
package/dist/{client-exZiz0Ph.d.ts → client-DaS2fAf-.d.mts} +2 -1
package/dist/index.d.mts +4 -4
package/dist/index.d.ts +4 -4
package/dist/index.js +135 -220
package/dist/index.js.map +1 -1
package/dist/index.mjs +135 -220
package/dist/index.mjs.map +1 -1
package/dist/node.d.mts +1 -1
package/dist/node.d.ts +1 -1
package/dist/react.d.mts +2 -2
package/dist/react.d.ts +2 -2
package/dist/react.js +139 -224
package/dist/react.js.map +1 -1
package/dist/react.mjs +139 -224
package/dist/react.mjs.map +1 -1
package/dist/runtime/nuxt.plugin.client.d.mts +2 -2
package/dist/runtime/nuxt.plugin.client.d.ts +2 -2
package/dist/runtime/nuxt.plugin.client.js +139 -224
package/dist/runtime/nuxt.plugin.client.js.map +1 -1
package/dist/runtime/nuxt.plugin.client.mjs +139 -224
package/dist/runtime/nuxt.plugin.client.mjs.map +1 -1
package/dist/svelte.d.mts +2 -2
package/dist/svelte.d.ts +2 -2
package/dist/svelte.js +139 -224
package/dist/svelte.js.map +1 -1
package/dist/svelte.mjs +139 -224
package/dist/svelte.mjs.map +1 -1
package/dist/{types-CDMBvvjl.d.mts → types-Cji-mUN0.d.mts} +4 -0
package/dist/{types-CDMBvvjl.d.ts → types-Cji-mUN0.d.ts} +4 -0
package/dist/vue.d.mts +2 -2
package/dist/vue.d.ts +2 -2
package/dist/vue.js +139 -224
package/dist/vue.js.map +1 -1
package/dist/vue.mjs +139 -224
package/dist/vue.mjs.map +1 -1
package/package.json +1 -1

package/dist/{client-Bbm83Oy6.d.mts → client-BBD-YsPv.d.ts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { b as HaexHubEvent, c as EXTERNAL_EVENTS, D as DatabaseQueryResult, M as Migration, d as MigrationResult, W as WebRequestOptions, e as WebResponse, f as EventCallback, H as HaexHubConfig, a as ExtensionInfo, A as ApplicationContext, g as DatabasePermissionRequest, P as PermissionResponse, S as SearchResult } from './types-CDMBvvjl.mjs';
+import { b as HaexHubEvent, c as EXTERNAL_EVENTS, D as DatabaseQueryResult, M as Migration, d as MigrationResult, W as WebRequestOptions, e as WebResponse, f as EventCallback, H as HaexHubConfig, a as ExtensionInfo, A as ApplicationContext, g as DatabasePermissionRequest, P as PermissionResponse, S as SearchResult } from './types-Cji-mUN0.js';
 import { SqliteRemoteDatabase } from 'drizzle-orm/sqlite-proxy';
 /**
@@ -1468,6 +1468,7 @@ declare class HaexVaultSdk {
     private readonly eventListeners;
     private readonly externalRequestHandlers;
     private readonly reactiveSubscribers;
+    private readonly permissionWaiters;
     private messageHandler;
     /**
      * MessagePort obtained from the main window during iframe-mode handshake.

package/dist/{client-exZiz0Ph.d.ts → client-DaS2fAf-.d.mts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { b as HaexHubEvent, c as EXTERNAL_EVENTS, D as DatabaseQueryResult, M as Migration, d as MigrationResult, W as WebRequestOptions, e as WebResponse, f as EventCallback, H as HaexHubConfig, a as ExtensionInfo, A as ApplicationContext, g as DatabasePermissionRequest, P as PermissionResponse, S as SearchResult } from './types-CDMBvvjl.js';
+import { b as HaexHubEvent, c as EXTERNAL_EVENTS, D as DatabaseQueryResult, M as Migration, d as MigrationResult, W as WebRequestOptions, e as WebResponse, f as EventCallback, H as HaexHubConfig, a as ExtensionInfo, A as ApplicationContext, g as DatabasePermissionRequest, P as PermissionResponse, S as SearchResult } from './types-Cji-mUN0.mjs';
 import { SqliteRemoteDatabase } from 'drizzle-orm/sqlite-proxy';
 /**
@@ -1468,6 +1468,7 @@ declare class HaexVaultSdk {
     private readonly eventListeners;
     private readonly externalRequestHandlers;
     private readonly reactiveSubscribers;
+    private readonly permissionWaiters;
     private messageHandler;
     /**
      * MessagePort obtained from the main window during iframe-mode handshake.

package/dist/index.d.mts CHANGED Viewed

@@ -1,7 +1,7 @@
-import { H as HaexVaultSdk } from './client-Bbm83Oy6.mjs';
-export { A as AuthorizedClient, B as BlockedClient, C as ConnectionSecurity, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, I as ImapConfig, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, M as MailAPI, t as MailAccount, u as MailAddress, v as MailAttachment, w as MailFetchRange, x as MailMessage, y as MailboxInfo, z as MessageEnvelope, O as OutgoingAttachment, G as OutgoingMessage, P as PasswordInput, J as PasswordItemFull, N as PasswordItemSummary, Q as PasswordKeyValue, R as PasswordKeyValueInput, T as PasswordsAPI, U as PendingAuthorization, V as PendingTransfer, W as PermissionsAPI, X as RemoteAddBackendRequest, Y as RemoteS3Config, Z as RemoteS3PublicConfig, _ as RemoteStorageAPI, $ as RemoteStorageBackendInfo, a0 as RemoteStorageObjectInfo, a1 as RemoteUpdateBackendRequest, a2 as RequestedExtension, a3 as SelectFileOptions, a4 as SelectFolderOptions, a5 as ServerInfo, a6 as ServerStatus, a7 as SessionAuthorization, a8 as SharedSpace, a9 as ShellAPI, aa as ShellCreateOptions, ab as ShellCreateResponse, ac as ShellExitEvent, ad as ShellOutputEvent, ae as SmtpConfig, af as SpaceAccessTokenInfo, ag as SpaceAssignment, ah as SpaceInvite, ai as SpaceKeyGrantInfo, aj as SpaceMemberInfo, ak as SpacesAPI, al as SyncBackendInfo, am as TransferDirection, an as TransferProgress, ao as TransferState, ap as WebAPI, aq as canExternalClientSendRequests, ar as isExternalClientConnected } from './client-Bbm83Oy6.mjs';
-import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-CDMBvvjl.mjs';
-export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-CDMBvvjl.mjs';
+import { H as HaexVaultSdk } from './client-DaS2fAf-.mjs';
+export { A as AuthorizedClient, B as BlockedClient, C as ConnectionSecurity, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, I as ImapConfig, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, M as MailAPI, t as MailAccount, u as MailAddress, v as MailAttachment, w as MailFetchRange, x as MailMessage, y as MailboxInfo, z as MessageEnvelope, O as OutgoingAttachment, G as OutgoingMessage, P as PasswordInput, J as PasswordItemFull, N as PasswordItemSummary, Q as PasswordKeyValue, R as PasswordKeyValueInput, T as PasswordsAPI, U as PendingAuthorization, V as PendingTransfer, W as PermissionsAPI, X as RemoteAddBackendRequest, Y as RemoteS3Config, Z as RemoteS3PublicConfig, _ as RemoteStorageAPI, $ as RemoteStorageBackendInfo, a0 as RemoteStorageObjectInfo, a1 as RemoteUpdateBackendRequest, a2 as RequestedExtension, a3 as SelectFileOptions, a4 as SelectFolderOptions, a5 as ServerInfo, a6 as ServerStatus, a7 as SessionAuthorization, a8 as SharedSpace, a9 as ShellAPI, aa as ShellCreateOptions, ab as ShellCreateResponse, ac as ShellExitEvent, ad as ShellOutputEvent, ae as SmtpConfig, af as SpaceAccessTokenInfo, ag as SpaceAssignment, ah as SpaceInvite, ai as SpaceKeyGrantInfo, aj as SpaceMemberInfo, ak as SpacesAPI, al as SyncBackendInfo, am as TransferDirection, an as TransferProgress, ao as TransferState, ap as WebAPI, aq as canExternalClientSendRequests, ar as isExternalClientConnected } from './client-DaS2fAf-.mjs';
+import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-Cji-mUN0.mjs';
+export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-Cji-mUN0.mjs';
 export { H as HaextensionConfig } from './config-D_HXjsEV.mjs';
 import 'drizzle-orm/sqlite-proxy';

package/dist/index.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
-import { H as HaexVaultSdk } from './client-exZiz0Ph.js';
-export { A as AuthorizedClient, B as BlockedClient, C as ConnectionSecurity, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, I as ImapConfig, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, M as MailAPI, t as MailAccount, u as MailAddress, v as MailAttachment, w as MailFetchRange, x as MailMessage, y as MailboxInfo, z as MessageEnvelope, O as OutgoingAttachment, G as OutgoingMessage, P as PasswordInput, J as PasswordItemFull, N as PasswordItemSummary, Q as PasswordKeyValue, R as PasswordKeyValueInput, T as PasswordsAPI, U as PendingAuthorization, V as PendingTransfer, W as PermissionsAPI, X as RemoteAddBackendRequest, Y as RemoteS3Config, Z as RemoteS3PublicConfig, _ as RemoteStorageAPI, $ as RemoteStorageBackendInfo, a0 as RemoteStorageObjectInfo, a1 as RemoteUpdateBackendRequest, a2 as RequestedExtension, a3 as SelectFileOptions, a4 as SelectFolderOptions, a5 as ServerInfo, a6 as ServerStatus, a7 as SessionAuthorization, a8 as SharedSpace, a9 as ShellAPI, aa as ShellCreateOptions, ab as ShellCreateResponse, ac as ShellExitEvent, ad as ShellOutputEvent, ae as SmtpConfig, af as SpaceAccessTokenInfo, ag as SpaceAssignment, ah as SpaceInvite, ai as SpaceKeyGrantInfo, aj as SpaceMemberInfo, ak as SpacesAPI, al as SyncBackendInfo, am as TransferDirection, an as TransferProgress, ao as TransferState, ap as WebAPI, aq as canExternalClientSendRequests, ar as isExternalClientConnected } from './client-exZiz0Ph.js';
-import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-CDMBvvjl.js';
-export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-CDMBvvjl.js';
+import { H as HaexVaultSdk } from './client-BBD-YsPv.js';
+export { A as AuthorizedClient, B as BlockedClient, C as ConnectionSecurity, D as DatabaseAPI, a as DecryptedSpace, b as Device, c as DeviceInfo, d as DeviceType, e as DirEntry, E as ExternalAuthDecision, f as ExternalConnection, g as ExternalConnectionErrorCode, h as ExternalConnectionState, i as ExternalRequest, j as ExternalRequestEvent, k as ExternalRequestHandler, l as ExternalRequestPayload, m as ExternalResponse, F as FileStat, n as FilesystemAPI, I as ImapConfig, K as KnownPath, o as KnownPaths, L as LOCALSEND_EVENTS, p as LocalSendAPI, q as LocalSendEvent, r as LocalSendFileInfo, s as LocalSendSettings, M as MailAPI, t as MailAccount, u as MailAddress, v as MailAttachment, w as MailFetchRange, x as MailMessage, y as MailboxInfo, z as MessageEnvelope, O as OutgoingAttachment, G as OutgoingMessage, P as PasswordInput, J as PasswordItemFull, N as PasswordItemSummary, Q as PasswordKeyValue, R as PasswordKeyValueInput, T as PasswordsAPI, U as PendingAuthorization, V as PendingTransfer, W as PermissionsAPI, X as RemoteAddBackendRequest, Y as RemoteS3Config, Z as RemoteS3PublicConfig, _ as RemoteStorageAPI, $ as RemoteStorageBackendInfo, a0 as RemoteStorageObjectInfo, a1 as RemoteUpdateBackendRequest, a2 as RequestedExtension, a3 as SelectFileOptions, a4 as SelectFolderOptions, a5 as ServerInfo, a6 as ServerStatus, a7 as SessionAuthorization, a8 as SharedSpace, a9 as ShellAPI, aa as ShellCreateOptions, ab as ShellCreateResponse, ac as ShellExitEvent, ad as ShellOutputEvent, ae as SmtpConfig, af as SpaceAccessTokenInfo, ag as SpaceAssignment, ah as SpaceInvite, ai as SpaceKeyGrantInfo, aj as SpaceMemberInfo, ak as SpacesAPI, al as SyncBackendInfo, am as TransferDirection, an as TransferProgress, ao as TransferState, ap as WebAPI, aq as canExternalClientSendRequests, ar as isExternalClientConnected } from './client-BBD-YsPv.js';
+import { E as ExtensionManifest, h as SignedClaimPresentation, H as HaexHubConfig } from './types-Cji-mUN0.js';
+export { A as ApplicationContext, C as ClaimRequirement, i as ContextChangedEvent, j as DEFAULT_TIMEOUT, k as DatabaseColumnInfo, l as DatabaseExecuteParams, m as DatabasePermission, g as DatabasePermissionRequest, n as DatabaseQueryParams, D as DatabaseQueryResult, o as DatabaseTableInfo, c as EXTERNAL_EVENTS, p as ErrorCode, f as EventCallback, a as ExtensionInfo, q as ExtensionRuntimeMode, r as ExternalEvent, F as FileChangeEvent, s as FileChangePayload, t as FileChangeType, u as FilteredSyncTablesResult, v as HAEXTENSION_EVENTS, b as HaexHubEvent, w as HaexHubRequest, x as HaexHubResponse, y as HaexVaultSdkError, z as HaextensionEvent, I as IdentityClaim, B as ManifestI18nEntry, G as PermissionDeniedError, J as PermissionErrorBase, K as PermissionErrorCode, L as PermissionPromptError, P as PermissionResponse, N as PermissionStatus, O as SHELL_EVENTS, Q as SearchQuery, R as SearchRequestEvent, S as SearchResult, T as ShellEvent, U as SyncTablesUpdatedEvent, V as TABLE_SEPARATOR, W as WebRequestOptions, e as WebResponse, X as getTableName, Y as isPermissionDeniedError, Z as isPermissionError, _ as isPermissionPromptError } from './types-Cji-mUN0.js';
 export { H as HaextensionConfig } from './config-D_HXjsEV.js';
 import 'drizzle-orm/sqlite-proxy';

package/dist/index.js CHANGED Viewed

@@ -711,7 +711,11 @@ var HAEXTENSION_EVENTS = {
   /** File system change detected (from native file watcher) */
   FILE_CHANGED: "filesync:file-changed",
   /** Tables have been updated via sync (CRDT pull from server) */
-  SYNC_TABLES_UPDATED: "haextension:sync:tables-updated"
+  SYNC_TABLES_UPDATED: "haextension:sync:tables-updated",
+  /** A runtime permission prompt was resolved (granted/denied) by the user.
+   *  The SDK uses this to auto-retry the original request; extensions may also
+   *  subscribe via `client.on(HAEXTENSION_EVENTS.PERMISSION_RESOLVED, ...)`. */
+  PERMISSION_RESOLVED: "extension:permission-resolved"
 };
 var EXTERNAL_EVENTS = {
   /** External request from authorized client */
@@ -2300,6 +2304,21 @@ async function initNativeMode(ctx, log, onEvent, onContextChange) {
   await setupTauriEventListeners(ctx, log, onEvent, onContextChange);
   return { extensionInfo, context };
 }
+async function forwardEvent(listen, log, onEvent, listenOptions, eventName, shape) {
+  try {
+    await listen(eventName, (event) => {
+      if (event.payload == null) {
+        log(`Event '${eventName}' received with no payload`);
+        return;
+      }
+      const extra = shape ? shape(event.payload) : { data: event.payload };
+      onEvent({ type: eventName, timestamp: Date.now(), ...extra });
+    }, listenOptions);
+    log(`Listener registered: ${eventName}`);
+  } catch (error) {
+    log(`Failed to register listener '${eventName}':`, error);
+  }
+}
 async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
   const { listen } = getTauriEvent();
   const webviewLabel = getCurrentWebviewLabel();
@@ -2331,207 +2350,29 @@ async function setupTauriEventListeners(ctx, log, onEvent, onContextChange) {
   } catch (error) {
     log("Failed to setup context change listener:", error);
   }
-  try {
-    await listen(EXTERNAL_EVENTS.REQUEST, (event) => {
-      log("====== EXTERNAL REQUEST RECEIVED ======");
-      log("Event payload:", JSON.stringify(event.payload, null, 2));
-      if (event.payload) {
-        onEvent({
-          type: EXTERNAL_EVENTS.REQUEST,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      } else {
-        log("External request event has no payload!");
-      }
-    }, listenOptions);
-    log("External request listener registered successfully");
-  } catch (error) {
-    log("Failed to setup external request listener:", error);
-  }
-  try {
-    await listen(EXTERNAL_EVENTS.ACTION_REQUEST, (event) => {
-      log("====== AI ACTION REQUEST RECEIVED ======");
-      log("Payload:", JSON.stringify(event.payload));
-      if (event.payload) {
-        onEvent({
-          type: EXTERNAL_EVENTS.ACTION_REQUEST,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      } else {
-        log("AI action request event has no payload!");
-      }
-    }, listenOptions);
-    log("AI action request listener registered successfully");
-  } catch (error) {
-    log("Failed to setup AI action request listener:", error);
-  }
-  log("Registering file change listener for:", HAEXTENSION_EVENTS.FILE_CHANGED);
-  try {
-    await listen(HAEXTENSION_EVENTS.FILE_CHANGED, (event) => {
-      log("File change event received:", event.payload);
-      if (event.payload) {
-        const payload = event.payload;
-        onEvent({
-          type: HAEXTENSION_EVENTS.FILE_CHANGED,
-          ruleId: payload.ruleId,
-          changeType: payload.changeType,
-          path: payload.path,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("File change listener registered successfully");
-  } catch (error) {
-    log("Failed to setup file change listener:", error);
-  }
-  log("Registering sync tables updated listener for:", HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED);
-  try {
-    await listen(HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED, (event) => {
-      log("Sync tables updated event received:", event.payload);
-      if (event.payload) {
-        const payload = event.payload;
-        onEvent({
-          type: HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED,
-          data: { tables: payload.tables },
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("Sync tables updated listener registered successfully");
-  } catch (error) {
-    log("Failed to setup sync tables updated listener:", error);
-  }
-  log("Setting up LocalSend event listeners");
-  try {
-    await setupLocalSendEventListeners(log, onEvent, listenOptions);
-    log("LocalSend event listeners setup complete");
-  } catch (error) {
-    log("Failed to setup LocalSend event listeners:", error);
-  }
-  log("Setting up Shell event listeners");
-  try {
-    await listen(SHELL_EVENTS.OUTPUT, (event) => {
-      if (event.payload) {
-        const payload = event.payload;
-        onEvent({
-          type: SHELL_EVENTS.OUTPUT,
-          timestamp: Date.now(),
-          sessionId: payload.sessionId,
-          data: payload.data
-        });
-      }
-    }, listenOptions);
-    log("Shell output listener registered");
-    await listen(SHELL_EVENTS.EXIT, (event) => {
-      if (event.payload) {
-        const payload = event.payload;
-        onEvent({
-          type: SHELL_EVENTS.EXIT,
-          timestamp: Date.now(),
-          sessionId: payload.sessionId,
-          exitCode: payload.exitCode
-        });
-      }
-    }, listenOptions);
-    log("Shell exit listener registered");
-  } catch (error) {
-    log("Failed to setup Shell event listeners:", error);
-  }
-}
-async function setupLocalSendEventListeners(log, onEvent, listenOptions) {
-  const { listen } = getTauriEvent();
-  try {
-    await listen(LOCALSEND_EVENTS.deviceDiscovered, (event) => {
-      log("LocalSend device discovered:", event.payload);
-      if (event.payload) {
-        onEvent({
-          type: LOCALSEND_EVENTS.deviceDiscovered,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("LocalSend device discovered listener registered");
-  } catch (error) {
-    log("Failed to setup LocalSend device discovered listener:", error);
-  }
-  try {
-    await listen(LOCALSEND_EVENTS.deviceLost, (event) => {
-      log("LocalSend device lost:", event.payload);
-      if (event.payload) {
-        onEvent({
-          type: LOCALSEND_EVENTS.deviceLost,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("LocalSend device lost listener registered");
-  } catch (error) {
-    log("Failed to setup LocalSend device lost listener:", error);
-  }
-  try {
-    await listen(LOCALSEND_EVENTS.transferRequest, (event) => {
-      log("LocalSend transfer request:", event.payload);
-      if (event.payload) {
-        onEvent({
-          type: LOCALSEND_EVENTS.transferRequest,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("LocalSend transfer request listener registered");
-  } catch (error) {
-    log("Failed to setup LocalSend transfer request listener:", error);
-  }
-  try {
-    await listen(LOCALSEND_EVENTS.transferProgress, (event) => {
-      log("LocalSend transfer progress event:", event);
-      if (event.payload) {
-        onEvent({
-          type: LOCALSEND_EVENTS.transferProgress,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("LocalSend transfer progress listener registered");
-  } catch (error) {
-    log("Failed to setup LocalSend transfer progress listener:", error);
-  }
-  try {
-    await listen(LOCALSEND_EVENTS.transferComplete, (event) => {
-      log("LocalSend transfer complete:", event.payload);
-      if (event.payload) {
-        onEvent({
-          type: LOCALSEND_EVENTS.transferComplete,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("LocalSend transfer complete listener registered");
-  } catch (error) {
-    log("Failed to setup LocalSend transfer complete listener:", error);
-  }
-  try {
-    await listen(LOCALSEND_EVENTS.transferFailed, (event) => {
-      log("LocalSend transfer failed:", event.payload);
-      if (event.payload) {
-        onEvent({
-          type: LOCALSEND_EVENTS.transferFailed,
-          data: event.payload,
-          timestamp: Date.now()
-        });
-      }
-    }, listenOptions);
-    log("LocalSend transfer failed listener registered");
-  } catch (error) {
-    log("Failed to setup LocalSend transfer failed listener:", error);
-  }
+  for (const eventName of [
+    HAEXTENSION_EVENTS.PERMISSION_RESOLVED,
+    EXTERNAL_EVENTS.REQUEST,
+    EXTERNAL_EVENTS.ACTION_REQUEST,
+    ...Object.values(LOCALSEND_EVENTS)
+  ]) {
+    await forwardEvent(listen, log, onEvent, listenOptions, eventName);
+  }
+  await forwardEvent(listen, log, onEvent, listenOptions, HAEXTENSION_EVENTS.SYNC_TABLES_UPDATED, (payload) => ({
+    data: { tables: payload.tables }
+  }));
+  await forwardEvent(listen, log, onEvent, listenOptions, HAEXTENSION_EVENTS.FILE_CHANGED, (payload) => {
+    const { ruleId, changeType, path } = payload;
+    return { ruleId, changeType, path };
+  });
+  await forwardEvent(listen, log, onEvent, listenOptions, SHELL_EVENTS.OUTPUT, (payload) => {
+    const { sessionId, data } = payload;
+    return { sessionId, data };
+  });
+  await forwardEvent(listen, log, onEvent, listenOptions, SHELL_EVENTS.EXIT, (payload) => {
+    const { sessionId, exitCode } = payload;
+    return { sessionId, exitCode };
+  });
 }
 async function initIframeMode(ctx, log, messageHandler) {
   if (!isInIframe()) {
@@ -2875,6 +2716,68 @@ var AI_COMMANDS = {
   actionRespond: "ai_action_respond"
 };
+// src/client/permissionRetry.ts
+var PERMISSION_DECISION_TIMEOUT_MS = 5 * 60 * 1e3;
+var MAX_PERMISSION_RETRIES = 3;
+function permissionKey(resourceType, action, target) {
+  return `${resourceType}:${action}:${target}`;
+}
+var PermissionWaiterRegistry = class {
+  constructor() {
+    this.waiters = /* @__PURE__ */ new Map();
+  }
+  /** Wait for a decision on `key`; resolves "timeout" if none arrives in time. */
+  wait(key, timeoutMs = PERMISSION_DECISION_TIMEOUT_MS) {
+    return new Promise((resolve) => {
+      const set = this.waiters.get(key) ?? /* @__PURE__ */ new Set();
+      this.waiters.set(key, set);
+      const settle = (outcome) => {
+        if (!set.has(callback)) return;
+        set.delete(callback);
+        if (set.size === 0) this.waiters.delete(key);
+        clearTimeout(timer);
+        resolve(outcome);
+      };
+      const callback = (outcome) => settle(outcome);
+      const timer = setTimeout(() => settle("timeout"), timeoutMs);
+      set.add(callback);
+    });
+  }
+  /** Resolve everyone waiting on `key` with the user's decision. */
+  resolve(key, decision) {
+    const set = this.waiters.get(key);
+    if (!set) return;
+    for (const callback of [...set]) callback(decision);
+  }
+};
+function toDeniedError(error) {
+  return { ...error, code: 1002 /* DENIED */ };
+}
+async function withPermissionRetry(send, registry, log, timeoutMs = PERMISSION_DECISION_TIMEOUT_MS) {
+  for (let attempt = 0; ; attempt++) {
+    try {
+      return await send();
+    } catch (error) {
+      if (!isPermissionPromptError(error) || attempt >= MAX_PERMISSION_RETRIES) {
+        throw error;
+      }
+      const key = permissionKey(error.resourceType, error.action, error.target);
+      log(`Permission prompt required for ${key} \u2014 waiting for user decision`);
+      const outcome = await registry.wait(key, timeoutMs);
+      if (outcome === "granted") {
+        log(`Permission ${key} granted \u2014 retrying request`);
+        continue;
+      }
+      if (outcome === "denied") {
+        log(`Permission ${key} denied`);
+        throw toDeniedError(error);
+      }
+      log(`Permission ${key} prompt timed out`);
+      throw error;
+    }
+  }
+}
 // src/client.ts
 var HaexVaultSdk = class {
   constructor(config = {}) {
@@ -2890,6 +2793,7 @@ var HaexVaultSdk = class {
     this.eventListeners = /* @__PURE__ */ new Map();
     this.externalRequestHandlers = /* @__PURE__ */ new Map();
     this.reactiveSubscribers = /* @__PURE__ */ new Set();
+    this.permissionWaiters = new PermissionWaiterRegistry();
     // Handlers
     this.messageHandler = null;
     /**
@@ -2926,6 +2830,14 @@ var HaexVaultSdk = class {
     this.passwords = new PasswordsAPI(this);
     this.mail = new MailAPI(this);
     installConsoleForwarding(this.config.debug);
+    this.on(HAEXTENSION_EVENTS.PERMISSION_RESOLVED, (event) => {
+      const data = event.data;
+      if (!data) return;
+      this.permissionWaiters.resolve(
+        permissionKey(data.resourceType, data.action, data.target),
+        data.decision === "denied" ? "denied" : "granted"
+      );
+    });
     this.readyPromise = new Promise((resolve, reject) => {
       this.resolveReady = resolve;
       this.rejectReady = reject;
@@ -3074,24 +2986,27 @@ var HaexVaultSdk = class {
   // ==========================================================================
   async request(method, params) {
     const resolvedParams = params ?? {};
-    if (this.isNativeWindow && hasTauri()) {
-      const paramsWithCredentials = {
-        ...resolvedParams,
-        publicKey: this._extensionInfo?.publicKey,
-        name: this._extensionInfo?.name
-      };
-      return sendInvoke(method, paramsWithCredentials, this.config, this.log.bind(this));
-    }
-    const requestId = generateRequestId(++this.requestCounter);
-    return sendPostMessage(
-      method,
-      resolvedParams,
-      requestId,
-      this.config,
-      this._extensionInfo,
-      this.pendingRequests,
-      this.hostPort
-    );
+    const send = () => {
+      if (this.isNativeWindow && hasTauri()) {
+        const paramsWithCredentials = {
+          ...resolvedParams,
+          publicKey: this._extensionInfo?.publicKey,
+          name: this._extensionInfo?.name
+        };
+        return sendInvoke(method, paramsWithCredentials, this.config, this.log.bind(this));
+      }
+      const requestId = generateRequestId(++this.requestCounter);
+      return sendPostMessage(
+        method,
+        resolvedParams,
+        requestId,
+        this.config,
+        this._extensionInfo,
+        this.pendingRequests,
+        this.hostPort
+      );
+    };
+    return withPermissionRetry(send, this.permissionWaiters, this.log.bind(this));
   }
   // ==========================================================================
   // Private: Initialization