@inspectr/mcplab 1.19.0 → 1.20.1

package/dist/app-server/runs-routes.js

@@ -1,30 +1,10 @@
-import { randomUUID } from 'node:crypto';
 import { existsSync, mkdtempSync, rmSync, writeFileSync } from 'node:fs';
 import { tmpdir } from 'node:os';
-import { isAbsolute, join, relative, resolve } from 'node:path';
+import { isAbsolute, join, resolve } from 'node:path';
 import { McpClientManager, loadConfig, hashConfig, runAll, renderSummaryMarkdown, applyRuntimeServerOverrides } from '@inspectr/mcplab-core';
 import { renderReport } from '@inspectr/mcplab-reporting';
 import { OAuthAuthorizationRequiredError } from './oauth-session-manager.js';
-import { selectScenarioIds } from './runs-store.js';
-import { readLibraries as readLibrariesFromStore } from './libraries-store.js';
-export function mergeLibraryEntriesIntoConfig(config, libraryAgents, libraryServers) {
-    return {
-        ...config,
-        agents: { ...libraryAgents, ...config.agents },
-        servers: { ...libraryServers, ...config.servers }
-    };
-}
-export function applyLibraryEntries(loaded, libraryAgents, libraryServers) {
-    loaded.config = mergeLibraryEntriesIntoConfig(loaded.config, libraryAgents, libraryServers);
-    loaded.hash = hashConfig(loaded.config);
-}
-function filterScenarioOverridesToSelectedScenarios(selectedConfig, scenarioServerOverrides) {
-    if (!scenarioServerOverrides)
-        return undefined;
-    const selectedIds = new Set(selectedConfig.scenarios.map((scenario) => scenario.id));
-    const filtered = Object.fromEntries(Object.entries(scenarioServerOverrides).filter(([scenarioId]) => selectedIds.has(scenarioId)));
-    return Object.keys(filtered).length > 0 ? filtered : undefined;
-}
+import { applyLibraryEntries, filterScenarioOverridesToSelectedScenarios, mergeLibraryEntriesIntoConfig } from './run-queue-executor.js';
 // Backward-compatible exports used by existing tests/imports.
 export function mergeLibraryAgentsIntoConfig(config, libraryAgents) {
     return mergeLibraryEntriesIntoConfig(config, libraryAgents, {});
@@ -32,55 +12,8 @@ export function mergeLibraryAgentsIntoConfig(config, libraryAgents) {
 export function applyLibraryAgents(loaded, libraryAgents) {
     applyLibraryEntries(loaded, libraryAgents, {});
 }
-function toQueueEntry(job) {
-    return {
-        jobId: job.id,
-        status: job.status,
-        blockedReason: job.status === 'blocked_auth' ? 'oauth_required' : undefined,
-        requiredServers: job.status === 'blocked_auth' ? job.blockedAuthServers ?? [] : undefined,
-        runParams: {
-            configPath: job.runParams.configPath,
-            runsPerScenario: job.runParams.runsPerScenario,
-            scenarioIds: job.runParams.scenarioIds ?? null,
-            agents: job.runParams.requestedAgents ?? null,
-            runNote: job.runParams.runNote ?? null,
-            serverOverrideAll: job.runParams.serverOverrideAll ?? null,
-            scenarioServerOverrides: job.runParams.scenarioServerOverrides ?? null
-        }
-    };
-}
-function buildQueueState(jobs, runQueueState) {
-    const activeJob = runQueueState.activeJobId ? jobs.get(runQueueState.activeJobId) : null;
-    const queuedEntries = runQueueState.queue
-        .map((id) => jobs.get(id))
-        .filter((j) => !!j && (j.status === 'queued' || j.status === 'blocked_auth'))
-        .map((job) => toQueueEntry(job));
-    return {
-        active: activeJob ? toQueueEntry(activeJob) : null,
-        queued: queuedEntries
-    };
-}
-function emitQueueEvent(jobs, runQueueState, deps) {
-    const event = {
-        type: 'queue_event',
-        ts: new Date().toISOString(),
-        payload: { event: buildQueueState(jobs, runQueueState) }
-    };
-    for (const client of Array.from(runQueueState.clients)) {
-        if (client.destroyed || client.writableEnded) {
-            runQueueState.clients.delete(client);
-            continue;
-        }
-        try {
-            deps.sendSseEvent(client, event);
-        }
-        catch {
-            runQueueState.clients.delete(client);
-        }
-    }
-}
 export async function handleRunsRoutes(params) {
-    const { req, res, pathname, method, settings, jobs, runQueueState, oauthSessionManager, deps } = params;
+    const { req, res, pathname, method, settings, runQueueService, oauthSessionManager, deps } = params;
     const { parseBody, asJson, addJobEvent, sendSseEvent, ensureInsideRoot, listRuns, getRunResults, getScenarioRunTraceRecords, selectScenarioIds, expandConfigForAgents, resolveRunSelectedAgents, readLibraries, pickDefaultAssistantAgentName, pkgVersion } = deps;
     if (pathname === '/api/runs' && method === 'GET') {
         const requestUrl = new URL(req.url ?? '/api/runs', 'http://localhost');
@@ -160,7 +93,7 @@ export async function handleRunsRoutes(params) {
     }
     if (pathname.startsWith('/api/runs/jobs/') && pathname.endsWith('/events') && method === 'GET') {
         const jobId = pathname.split('/')[4];
-        const job = jobs.get(jobId);
+        const job = runQueueService.jobs.get(jobId);
         if (!job) {
             asJson(res, 404, { error: 'Job not found' });
             return true;
@@ -186,42 +119,16 @@ export async function handleRunsRoutes(params) {
     }
     if (pathname.startsWith('/api/runs/jobs/') && pathname.endsWith('/stop') && method === 'POST') {
         const jobId = pathname.split('/')[4];
-        const job = jobs.get(jobId);
-        if (!job) {
+        const result = runQueueService.stopJob(jobId, { hostHeader: req.headers.host });
+        if (!result) {
             asJson(res, 404, { error: 'Job not found' });
             return true;
         }
-        if (job.status === 'queued') {
-            const idx = runQueueState.queue.indexOf(jobId);
-            if (idx !== -1)
-                runQueueState.queue.splice(idx, 1);
-            job.status = 'stopped';
-            addJobEvent(job, {
-                type: 'error',
-                ts: new Date().toISOString(),
-                payload: { message: 'Run stopped before it started' }
-            });
-            for (const client of job.clients)
-                client.end();
-            job.clients.clear();
-            void advanceQueue(jobs, runQueueState, settings, oauthSessionManager, deps, {
-                emitWhenIdle: true,
-                hostHeader: req.headers.host
-            });
-            asJson(res, 200, { ok: true, status: 'stopped' });
-            return true;
-        }
-        if (job.status !== 'running') {
-            asJson(res, 200, { ok: true, status: job.status });
-            return true;
-        }
-        job.abortController.abort();
-        job.status = 'stopped';
-        asJson(res, 200, { ok: true, status: 'stopped' });
+        asJson(res, 200, result);
         return true;
     }
     if (pathname === '/api/runs/queue' && method === 'GET') {
-        asJson(res, 200, buildQueueState(jobs, runQueueState));
+        asJson(res, 200, runQueueService.getQueueState());
         return true;
     }
     if (pathname === '/api/runs/queue/events' && method === 'GET') {
@@ -232,58 +139,27 @@ export async function handleRunsRoutes(params) {
         if ('flushHeaders' in res && typeof res.flushHeaders === 'function') {
             res.flushHeaders();
         }
-        sendSseEvent(res, {
-            type: 'queue_event',
-            ts: new Date().toISOString(),
-            payload: { event: buildQueueState(jobs, runQueueState) }
-        });
-        runQueueState.clients.add(res);
-        req.on('close', () => {
-            runQueueState.clients.delete(res);
-        });
+        runQueueService.subscribeQueue(req, res);
         return true;
     }
     if (pathname.startsWith('/api/runs/queue/') &&
         method === 'DELETE' &&
         pathname.split('/').length === 5) {
         const jobId = pathname.split('/')[4];
-        const job = jobs.get(jobId);
-        if (!job) {
+        const result = runQueueService.removeQueuedJob(jobId, { hostHeader: req.headers.host });
+        if (!result) {
             asJson(res, 404, { error: 'Job not found' });
             return true;
         }
-        if (job.status === 'running') {
-            asJson(res, 400, { error: 'Cannot remove a running job. Use the /stop endpoint instead.' });
+        if ('error' in result) {
+            asJson(res, result.statusCode, { error: result.error });
             return true;
         }
-        if (job.status !== 'queued' && job.status !== 'blocked_auth') {
-            asJson(res, 404, { error: 'Job is not queued' });
-            return true;
-        }
-        const idx = runQueueState.queue.indexOf(jobId);
-        if (idx !== -1)
-            runQueueState.queue.splice(idx, 1);
-        job.status = 'stopped';
-        addJobEvent(job, {
-            type: 'error',
-            ts: new Date().toISOString(),
-            payload: { message: 'Removed from queue by user' }
-        });
-        for (const client of job.clients)
-            client.end();
-        job.clients.clear();
-        void advanceQueue(jobs, runQueueState, settings, oauthSessionManager, deps, {
-            emitWhenIdle: true,
-            hostHeader: req.headers.host
-        });
-        asJson(res, 200, { ok: true, jobId, status: 'stopped' });
+        asJson(res, 200, result);
         return true;
     }
     if (pathname === '/api/runs/queue/resume' && method === 'POST') {
-        void advanceQueue(jobs, runQueueState, settings, oauthSessionManager, deps, {
-            emitWhenIdle: true,
-            hostHeader: req.headers.host
-        });
+        runQueueService.resumeBlockedJobs({ hostHeader: req.headers.host });
         asJson(res, 200, { ok: true });
         return true;
     }
@@ -373,7 +249,6 @@ export async function handleRunsRoutes(params) {
         }
         // Resolve lazily in advanceQueue so runtime overrides are always reflected.
         const oauthServerNames = undefined;
-        const jobId = `run-${Date.now()}-${randomUUID().slice(0, 8)}`;
         const runParamsObj = {
             configPath,
             runsPerScenario,
@@ -385,44 +260,8 @@ export async function handleRunsRoutes(params) {
             serverOverrideAll,
             scenarioServerOverrides
         };
-        const job = {
-            id: jobId,
-            status: 'queued',
-            events: [],
-            clients: new Set(),
-            abortController: new AbortController(),
-            runParams: runParamsObj
-        };
-        jobs.set(jobId, job);
-        if (runQueueState.activeJobId) {
-            // Another job is running — queue and emit position
-            runQueueState.queue.push(jobId);
-            addJobEvent(job, {
-                type: 'queued',
-                ts: new Date().toISOString(),
-                payload: {
-                    configPath,
-                    runsPerScenario,
-                    scenarioId: scenarioId ?? null,
-                    scenarioIds: scenarioIds ?? null,
-                    agents: requestedAgents ?? null,
-                    runNote: runNote ?? null,
-                    serverOverrideAll: serverOverrideAll ?? null,
-                    scenarioServerOverrides: scenarioServerOverrides ?? null,
-                    position: runQueueState.queue.length
-                }
-            });
-            emitQueueEvent(jobs, runQueueState, deps);
-            asJson(res, 202, { jobId, queued: true, position: runQueueState.queue.length });
-        }
-        else {
-            // No active job — add to queue and let advanceQueue handle start (with OAuth pre-check)
-            runQueueState.queue.push(jobId);
-            asJson(res, 202, { jobId });
-            void advanceQueue(jobs, runQueueState, settings, oauthSessionManager, deps, {
-                hostHeader: req.headers.host
-            });
-        }
+        const response = runQueueService.enqueueRun(runParamsObj, { hostHeader: req.headers.host });
+        asJson(res, 202, response);
         return true;
     }
     if (pathname === '/api/runs/preview' && method === 'POST') {
@@ -512,6 +351,7 @@ export async function handleRunsRoutes(params) {
                 configHash: hashConfig(previewConfigBase),
                 cliVersion: pkgVersion,
                 runsDir: resolve(previewRunsRoot),
+                cwd: settings.workspaceRoot,
                 mcpServerAuthHeaders
             });
             const scenario = results.scenarios[0];
@@ -736,549 +576,6 @@ function toCoreExtractRules(extractRules) {
     }
     return rules;
 }
-function resolveOAuthServersForJob(job, librariesDir) {
-    if (job.runParams.oauthServerNames !== undefined)
-        return job.runParams.oauthServerNames;
-    try {
-        const loaded = loadConfig(job.runParams.configPath, { bundleRoot: librariesDir });
-        const libraries = readLibrariesFromStore(librariesDir);
-        applyLibraryEntries(loaded, libraries.agents, libraries.servers);
-        const selected = job.runParams.scenarioIds?.length
-            ? selectScenarioIds(loaded.config, job.runParams.scenarioIds)
-            : job.runParams.scenarioId
-                ? selectScenarioIds(loaded.config, [job.runParams.scenarioId])
-                : loaded.config;
-        const filteredScenarioOverrides = filterScenarioOverridesToSelectedScenarios(selected, job.runParams.scenarioServerOverrides);
-        const withOverrides = applyRuntimeServerOverrides(selected, {
-            serverOverrideAll: job.runParams.serverOverrideAll,
-            scenarioServerOverrides: filteredScenarioOverrides
-        });
-        const effectiveServers = new Set(withOverrides.scenarios.flatMap((scenario) => scenario.servers));
-        const names = Array.from(effectiveServers).filter((name) => {
-            const config = withOverrides.servers?.[name];
-            return config?.auth?.type === 'oauth_authorization_code';
-        });
-        job.runParams.oauthServerNames = names;
-        return names;
-    }
-    catch (error) {
-        const message = error instanceof Error ? error.message : String(error);
-        if (message.includes('Unknown server refs') ||
-            message.includes('Unknown scenarios in scenarioServerOverrides') ||
-            message.includes('serverOverrideAll must include at least one server id')) {
-            throw error;
-        }
-        console.warn(`[mcplab] Failed to resolve OAuth servers for queued job '${job.id}': ${message}`);
-        return [];
-    }
-}
-async function advanceQueue(jobs, runQueueState, settings, oauthSessionManager, deps, options) {
-    if (runQueueState.activeJobId) {
-        if (options?.emitWhenIdle)
-            emitQueueEvent(jobs, runQueueState, deps);
-        return;
-    }
-    if (runQueueState.isAdvancingQueue) {
-        if (options?.emitWhenIdle)
-            emitQueueEvent(jobs, runQueueState, deps);
-        return;
-    }
-    runQueueState.isAdvancingQueue = true;
-    let queueMutated = false;
-    try {
-        while (runQueueState.queue.length > 0) {
-            const nextId = runQueueState.queue[0]; // peek — do not shift yet
-            const nextJob = jobs.get(nextId);
-            if (!nextJob || (nextJob.status !== 'queued' && nextJob.status !== 'blocked_auth')) {
-                runQueueState.queue.shift();
-                queueMutated = true;
-                continue;
-            }
-            // Pre-check OAuth before starting
-            let oauthServers = [];
-            try {
-                oauthServers = resolveOAuthServersForJob(nextJob, settings.librariesDir);
-            }
-            catch (error) {
-                runQueueState.queue.shift();
-                nextJob.status = 'error';
-                deps.addJobEvent(nextJob, {
-                    type: 'error',
-                    ts: new Date().toISOString(),
-                    payload: {
-                        message: error instanceof Error ? error.message : String(error)
-                    }
-                });
-                for (const client of nextJob.clients)
-                    client.end();
-                nextJob.clients.clear();
-                queueMutated = true;
-                continue;
-            }
-            if (oauthServers.length > 0) {
-                const ensureResult = await oauthSessionManager.ensureServersAuthorized(oauthServers, options?.hostHeader);
-                const needsAuth = ensureResult.servers.filter((s) => s.status === 'auth_required');
-                if (needsAuth.length > 0) {
-                    const needsAuthNames = needsAuth.map((s) => s.serverName);
-                    const wasBlocked = nextJob.status === 'blocked_auth';
-                    const prevBlockedServers = nextJob.blockedAuthServers ?? [];
-                    const prevKey = [...prevBlockedServers].sort().join('|');
-                    const nextKey = [...needsAuthNames].sort().join('|');
-                    const blockedSetChanged = prevKey !== nextKey;
-                    nextJob.blockedAuthServers = needsAuthNames; // always refresh to current missing subset
-                    if (!wasBlocked) {
-                        nextJob.status = 'blocked_auth';
-                    }
-                    if (!wasBlocked || blockedSetChanged) {
-                        deps.addJobEvent(nextJob, {
-                            type: 'oauth_required',
-                            ts: new Date().toISOString(),
-                            payload: {
-                                jobId: nextJob.id,
-                                servers: needsAuthNames,
-                                message: `OAuth login required for server(s): ${needsAuthNames.join(', ')}.`
-                            }
-                        });
-                    }
-                    queueMutated = true;
-                    emitQueueEvent(jobs, runQueueState, deps);
-                    return; // pause — frontend must call /api/runs/queue/resume after auth
-                }
-                const readyServers = ensureResult.servers
-                    .filter((s) => s.status === 'ready')
-                    .map((s) => {
-                    const mode = s.debugState ?? 'unknown';
-                    return `${s.serverName} (${mode})`;
-                });
-                if (readyServers.length > 0) {
-                    deps.addJobEvent(nextJob, {
-                        type: 'log',
-                        ts: new Date().toISOString(),
-                        payload: {
-                            message: `OAuth credentials ready for queued run: ${readyServers.join(', ')}`
-                        }
-                    });
-                }
-            }
-            // OAuth ready (or not required) — start the job
-            runQueueState.queue.shift();
-            nextJob.status = 'running';
-            runQueueState.activeJobId = nextId;
-            deps.addJobEvent(nextJob, {
-                type: 'started',
-                ts: new Date().toISOString(),
-                payload: {
-                    configPath: nextJob.runParams.configPath,
-                    runsPerScenario: nextJob.runParams.runsPerScenario,
-                    scenarioId: nextJob.runParams.scenarioId ?? null,
-                    scenarioIds: nextJob.runParams.scenarioIds ?? null,
-                    agents: nextJob.runParams.requestedAgents ?? null,
-                    runNote: nextJob.runParams.runNote ?? null,
-                    serverOverrideAll: nextJob.runParams.serverOverrideAll ?? null,
-                    scenarioServerOverrides: nextJob.runParams.scenarioServerOverrides ?? null
-                }
-            });
-            queueMutated = true;
-            emitQueueEvent(jobs, runQueueState, deps);
-            void executeRunJob(nextJob, settings, jobs, runQueueState, oauthSessionManager, deps);
-            return;
-        }
-        if (queueMutated || options?.emitWhenIdle) {
-            emitQueueEvent(jobs, runQueueState, deps);
-        }
-    }
-    finally {
-        runQueueState.isAdvancingQueue = false;
-    }
-}
-async function executeRunJob(job, settings, jobs, runQueueState, oauthSessionManager, deps) {
-    const { addJobEvent, getScenarioRunTraceRecords, selectScenarioIds, expandConfigForAgents, resolveRunSelectedAgents, readLibraries, pkgVersion } = deps;
-    const { configPath, runsPerScenario, scenarioId, scenarioIds, requestedAgents, runNote, serverOverrideAll, scenarioServerOverrides } = job.runParams;
-    try {
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: { message: `Loading MCP Evaluation config: ${configPath}` }
-        });
-        const loaded = loadConfig(configPath, { bundleRoot: settings.librariesDir });
-        const { agents: libraryAgents, servers: libraryServers } = readLibraries(settings.librariesDir);
-        applyLibraryEntries(loaded, libraryAgents, libraryServers);
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: `Loaded config (${loaded.config.scenarios.length} scenario(s), ${Object.keys(loaded.config.agents ?? {}).length} agent(s), ${Object.keys(loaded.config.servers ?? {}).length} server(s))`
-            }
-        });
-        for (const warning of loaded.warnings ?? []) {
-            addJobEvent(job, {
-                type: 'log',
-                ts: new Date().toISOString(),
-                payload: { message: warning }
-            });
-        }
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: scenarioIds && scenarioIds.length > 0
-                    ? `Selecting requested scenarios: ${scenarioIds.join(', ')}`
-                    : scenarioId
-                        ? `Selecting requested scenario: ${scenarioId}`
-                        : 'Using all scenarios from config'
-            }
-        });
-        const selectedBaseScenarios = selectScenarioIds(loaded.config, scenarioIds && scenarioIds.length > 0 ? scenarioIds : scenarioId ? [scenarioId] : undefined);
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: `Selected ${selectedBaseScenarios.scenarios.length} base scenario(s)`
-            }
-        });
-        const filteredScenarioOverrides = filterScenarioOverridesToSelectedScenarios(selectedBaseScenarios, scenarioServerOverrides);
-        const runtimeOverriddenConfig = applyRuntimeServerOverrides(selectedBaseScenarios, {
-            serverOverrideAll,
-            scenarioServerOverrides: filteredScenarioOverrides
-        });
-        const effectiveConfigHash = hashConfig(runtimeOverriddenConfig);
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: `Applied runtime server overrides: global=${serverOverrideAll?.length ?? 0} scenario-specific=${Object.keys(filteredScenarioOverrides ?? {}).length}`
-            }
-        });
-        const effectiveScenarioServers = runtimeOverriddenConfig.scenarios
-            .map((scenario) => `${scenario.id}=[${scenario.servers.join(', ')}]`)
-            .join('; ');
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: `Effective MCP servers per scenario: ${effectiveScenarioServers || '(none)'}`
-            }
-        });
-        const resolvedAgents = resolveRunSelectedAgents(runtimeOverriddenConfig, requestedAgents);
-        const resolvedAgentList = Array.isArray(resolvedAgents) ? resolvedAgents : [];
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: requestedAgents && requestedAgents.length > 0
-                    ? `Using requested agents: ${resolvedAgentList.join(', ')}`
-                    : `Using resolved default agents: ${resolvedAgentList.join(', ')}`
-            }
-        });
-        const expandedConfig = expandConfigForAgents(runtimeOverriddenConfig, resolvedAgents);
-        addJobEvent(job, {
-            type: 'log',
-            ts: new Date().toISOString(),
-            payload: {
-                message: `Expanded to ${expandedConfig.scenarios.length} executable scenario run(s) across selected agents`
-            }
-        });
-        const usedServerNames = new Set(expandedConfig.scenarios.flatMap((scenario) => scenario.servers));
-        const oauthServers = Array.from(usedServerNames).filter((serverName) => expandedConfig.servers[serverName]?.auth?.type === 'oauth_authorization_code');
-        const oauthServerSet = new Set(oauthServers);
-        const mcpServerAuthHeaders = oauthServers.length > 0
-            ? await oauthSessionManager.getAuthHeadersForServers(oauthServers, undefined)
-            : undefined;
-        if (oauthServers.length > 0) {
-            addJobEvent(job, {
-                type: 'log',
-                ts: new Date().toISOString(),
-                payload: {
-                    message: `OAuth runtime credentials resolved for server(s): ${oauthServers.join(', ')}`
-                }
-            });
-        }
-        const cwdBefore = process.cwd();
-        process.chdir(settings.workspaceRoot);
-        try {
-            addJobEvent(job, {
-                type: 'log',
-                ts: new Date().toISOString(),
-                payload: {
-                    message: `Running evaluation (${runsPerScenario} run(s) per scenario) ...`
-                }
-            });
-            if (runNote) {
-                addJobEvent(job, {
-                    type: 'log',
-                    ts: new Date().toISOString(),
-                    payload: { message: `Run note: ${runNote}` }
-                });
-            }
-            const { runDir, results } = await runAll(expandedConfig, {
-                runsPerScenario,
-                scenarioId,
-                runNote,
-                configHash: effectiveConfigHash,
-                cliVersion: pkgVersion,
-                runsDir: settings.runsDir,
-                mcpServerAuthHeaders,
-                resolveMcpServerAuthHeaders: oauthServers.length > 0
-                    ? async (serverNames, options) => {
-                        if (options?.signal?.aborted)
-                            return {};
-                        const namesToRefresh = serverNames.filter((name) => oauthServerSet.has(name));
-                        if (namesToRefresh.length === 0)
-                            return {};
-                        return oauthSessionManager.getAuthHeadersForServers(namesToRefresh);
-                    }
-                    : undefined,
-                signal: job.abortController.signal,
-                onProgress: async (event) => {
-                    const message = formatRunProgressMessage(event);
-                    if (!message)
-                        return;
-                    addJobEvent(job, {
-                        type: 'log',
-                        ts: new Date().toISOString(),
-                        payload: { message }
-                    });
-                }
-            });
-            const relativeConfigPathRaw = relative(settings.evalsDir, configPath);
-            const relativeConfigPath = relativeConfigPathRaw.replace(/\\/g, '/').replace(/^\.\/+/, '');
-            results.metadata.config_path = relativeConfigPath || configPath;
-            if (loaded.config.name && loaded.config.name.trim().length > 0) {
-                results.metadata.config_name = loaded.config.name.trim();
-            }
-            results.metadata.rerun_agents = [...resolvedAgentList];
-            results.metadata.rerun_scenario_ids = selectedBaseScenarios.scenarios.map((scenario) => scenario.id);
-            if (serverOverrideAll && serverOverrideAll.length > 0) {
-                results.metadata.rerun_server_override_all = [...serverOverrideAll];
-            }
-            else {
-                delete results.metadata.rerun_server_override_all;
-            }
-            if (filteredScenarioOverrides && Object.keys(filteredScenarioOverrides).length > 0) {
-                results.metadata.rerun_scenario_server_overrides = Object.fromEntries(Object.entries(filteredScenarioOverrides).map(([scenarioKey, serverIds]) => [
-                    scenarioKey,
-                    [...serverIds]
-                ]));
-            }
-            else {
-                delete results.metadata.rerun_scenario_server_overrides;
-            }
-            addJobEvent(job, {
-                type: 'log',
-                ts: new Date().toISOString(),
-                payload: {
-                    message: `Evaluation execution finished (run id: ${results.metadata.run_id})`
-                }
-            });
-            addJobEvent(job, {
-                type: 'log',
-                ts: new Date().toISOString(),
-                payload: { message: `Writing results to ${runDir}` }
-            });
-            const traceRecords = getScenarioRunTraceRecords(results.metadata.run_id, settings.runsDir);
-            results.metadata.tool_tokens_total = estimateRunToolTokensTotal(traceRecords);
-            writeFileSync(join(runDir, 'results.json'), `${JSON.stringify(results, null, 2)}\n`, 'utf8');
-            writeFileSync(join(runDir, 'report.html'), renderReport(results), 'utf8');
-            writeFileSync(join(runDir, 'summary.md'), renderSummaryMarkdown(results), 'utf8');
-            addJobEvent(job, {
-                type: 'log',
-                ts: new Date().toISOString(),
-                payload: {
-                    message: `Run finished: ${results.summary.total_runs} run(s), pass rate ${Math.round(results.summary.pass_rate * 100)}%`
-                }
-            });
-            addJobEvent(job, {
-                type: 'completed',
-                ts: new Date().toISOString(),
-                payload: {
-                    runId: results.metadata.run_id,
-                    runDir,
-                    summary: results.summary
-                }
-            });
-            job.status = 'completed';
-        }
-        finally {
-            process.chdir(cwdBefore);
-        }
-    }
-    catch (error) {
-        if (error instanceof OAuthAuthorizationRequiredError) {
-            const blockedServers = Array.from(new Set(error.details.map((detail) => detail.serverName).filter(Boolean)));
-            const aborted = job.abortController.signal.aborted || job.status === 'stopped';
-            if (!aborted && blockedServers.length > 0) {
-                job.blockedAuthServers = blockedServers;
-                job.status = 'blocked_auth';
-                if (!runQueueState.queue.includes(job.id)) {
-                    runQueueState.queue.unshift(job.id);
-                }
-                addJobEvent(job, {
-                    type: 'oauth_required',
-                    ts: new Date().toISOString(),
-                    payload: {
-                        jobId: job.id,
-                        servers: blockedServers,
-                        message: `OAuth login required for server(s): ${blockedServers.join(', ')}.`
-                    }
-                });
-                return;
-            }
-        }
-        const normalizedError = error instanceof OAuthAuthorizationRequiredError
-            ? new Error(error.details[0]?.message || error.message)
-            : error;
-        const aborted = job.abortController.signal.aborted || job.status === 'stopped';
-        addJobEvent(job, {
-            type: 'error',
-            ts: new Date().toISOString(),
-            payload: {
-                message: aborted
-                    ? 'Run aborted by user'
-                    : normalizedError instanceof Error
-                        ? normalizedError.message
-                        : String(normalizedError)
-            }
-        });
-        job.status = aborted ? 'stopped' : 'error';
-    }
-    finally {
-        runQueueState.activeJobId = null;
-        if (job.status !== 'blocked_auth') {
-            for (const client of job.clients)
-                client.end();
-            job.clients.clear();
-        }
-        void advanceQueue(jobs, runQueueState, settings, oauthSessionManager, deps, {
-            emitWhenIdle: true
-        }).catch((error) => {
-            console.warn(`[mcplab] Failed to advance run queue after job '${job.id}': ${error instanceof Error ? error.message : String(error)}`);
-        });
-        pruneOldJobs(jobs, runQueueState);
-    }
-}
-function splitInteger(total, parts) {
-    if (!Number.isFinite(total) || !parts || parts <= 0)
-        return Array(parts).fill(0);
-    const safeTotal = Math.max(0, Math.round(total ?? 0));
-    const base = Math.floor(safeTotal / parts);
-    let remainder = safeTotal % parts;
-    return Array.from({ length: parts }, () => {
-        const value = base + (remainder > 0 ? 1 : 0);
-        if (remainder > 0)
-            remainder -= 1;
-        return value;
-    });
-}
-function estimateRunToolTokensTotal(records) {
-    let total = 0;
-    let hasAny = false;
-    for (const record of records) {
-        const toolUsesById = new Map();
-        for (const message of record.messages ?? []) {
-            const toolUses = message.content.filter((block) => block.type === 'tool_use');
-            if (toolUses.length > 0) {
-                for (const toolUse of toolUses)
-                    toolUsesById.set(toolUse.id, toolUse.name);
-                const allEstimated = toolUses.every((toolUse) => Boolean(toolUse.estimated_tokens));
-                if (allEstimated) {
-                    for (const toolUse of toolUses)
-                        total += toolUse.estimated_tokens?.total ?? 0;
-                    hasAny = true;
-                }
-                else if (toolUses.length === 1 && typeof message.usage?.total_tokens === 'number') {
-                    total += message.usage.total_tokens;
-                    hasAny = true;
-                }
-                else {
-                    const shares = splitInteger(message.usage?.total_tokens, toolUses.length);
-                    total += shares.reduce((sum, value) => sum + value, 0);
-                    if (typeof message.usage?.total_tokens === 'number')
-                        hasAny = true;
-                }
-            }
-            const toolResults = message.content.filter((block) => block.type === 'tool_result');
-            if (toolResults.length === 0)
-                continue;
-            const allEstimated = toolResults.every((result) => Boolean(result.estimated_tokens));
-            if (allEstimated) {
-                for (const result of toolResults)
-                    total += result.estimated_tokens?.total ?? 0;
-                hasAny = true;
-                continue;
-            }
-            if (toolResults.length === 1) {
-                const [result] = toolResults;
-                if (result &&
-                    toolUsesById.has(result.tool_use_id) &&
-                    typeof message.usage?.total_tokens === 'number') {
-                    total += message.usage.total_tokens;
-                    hasAny = true;
-                    continue;
-                }
-            }
-            const knownResults = toolResults.filter((result) => toolUsesById.has(result.tool_use_id));
-            if (knownResults.length === 0)
-                continue;
-            const shares = splitInteger(message.usage?.total_tokens, knownResults.length);
-            total += shares.reduce((sum, value) => sum + value, 0);
-            if (typeof message.usage?.total_tokens === 'number')
-                hasAny = true;
-        }
-    }
-    return hasAny ? total : null;
-}
-function pruneOldJobs(jobs, runQueueState) {
-    const maxAgeMs = 30 * 60_000;
-    const now = Date.now();
-    const activeIds = new Set([runQueueState.activeJobId, ...runQueueState.queue].filter(Boolean));
-    for (const [id, job] of jobs) {
-        if (activeIds.has(id))
-            continue;
-        if (job.status !== 'completed' && job.status !== 'error' && job.status !== 'stopped')
-            continue;
-        const lastEvent = job.events[job.events.length - 1];
-        if (!lastEvent)
-            continue;
-        if (now - new Date(lastEvent.ts).getTime() > maxAgeMs) {
-            jobs.delete(id);
-        }
-    }
-}
-function formatRunProgressMessage(event) {
-    switch (event.type) {
-        case 'run_started':
-            return `Run initialized (id: ${event.runId}, ${event.totalScenarioRuns} scenario run(s))`;
-        case 'mcp_connect_started':
-            return `Connecting to ${event.serverCount} MCP server(s): ${event.serverNames.join(', ')} ...`;
-        case 'mcp_connect_finished':
-            return `Connected to ${event.serverCount} MCP server(s): ${event.serverNames.join(', ')}`;
-        case 'scenario_run_started':
-            return `Scenario ${event.scenarioRunIndex}/${event.totalScenarioRuns} started: ${event.scenarioId} [agent=${event.agentName}, run=${event.runIndex + 1}/${event.runsPerScenario}]`;
-        case 'scenario_run_finished':
-            return `Scenario ${event.scenarioRunIndex}/${event.totalScenarioRuns} finished: ${event.scenarioId} [agent=${event.agentName}] -> ${event.pass ? 'PASS' : 'FAIL'} (${event.toolCallCount} tool call(s))`;
-        case 'agent_progress': {
-            const p = event.event;
-            switch (p.type) {
-                case 'llm_request_started':
-                    return `LLM turn ${p.turn + 1} started for ${p.scenarioId} [${p.agentName}] (${p.provider}/${p.model})`;
-                case 'llm_response_received':
-                    return `LLM turn ${p.turn + 1} response for ${p.scenarioId} [${p.agentName}] (text=${p.hasText ? 'yes' : 'no'}, tool_calls=${p.toolCallCount})`;
-                case 'tool_call_started':
-                    return `Tool call started: ${p.server}.${p.tool} (turn ${p.turn + 1})`;
-                case 'tool_call_finished':
-                    return `Tool call ${p.ok ? 'finished' : 'failed'}: ${p.server}.${p.tool} in ${p.durationMs}ms`;
-                case 'final_answer':
-                    return `Final answer produced for ${p.scenarioId} [${p.agentName}] (text=${p.hasText ? 'yes' : 'no'})`;
-                default:
-                    return null;
-            }
-        }
-        case 'run_finished':
-            return `Run finished (id: ${event.runId})`;
-        default:
-            return null;
-    }
-}
 function localMcplabMcpUrl() {
     const host = process.env.MCP_HOST || '127.0.0.1';
     const port = process.env.MCP_PORT || '3011';