npm - @intent-systems/nexus - Versions diffs - 2026.1.5-4 → 2026.1.5-8 - Mend

@intent-systems/nexus 2026.1.5-4 → 2026.1.5-8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (347) hide show

package/dist/credentials/store.js CHANGED Viewed

@@ -233,12 +233,7 @@ function resolveStorageField(storage, field) {
         return storage.fields?.accessToken ?? storage.fields?.token ?? null;
     return null;
 }
-async function readSecretFromStorage(record, field) {
-    const storage = record.storage;
-    if (storage.provider === "plaintext") {
-        const value = field === "key" ? record.key : field === "token" ? record.token : record.accessToken;
-        return typeof value === "string" && value.trim() ? value.trim() : null;
-    }
+async function readRawFromStorage(storage, field) {
     if (storage.provider === "keychain") {
         try {
             const { stdout } = await execFileAsync("security", [
@@ -256,6 +251,13 @@ async function readSecretFromStorage(record, field) {
             return null;
         }
     }
+    if (storage.provider === "env") {
+        const envValue = process.env[storage.var];
+        if (typeof envValue !== "string")
+            return null;
+        const trimmed = envValue.trim();
+        return trimmed ? trimmed : null;
+    }
     if (storage.provider === "1password") {
         const fieldName = resolveStorageField(storage, field);
         if (!fieldName)
@@ -272,7 +274,10 @@ async function readSecretFromStorage(record, field) {
     }
     if (storage.provider === "external") {
         try {
-            const { stdout } = await execAsync(storage.syncCommand);
+            const command = storage.command ?? storage.syncCommand;
+            if (!command)
+                return null;
+            const { stdout } = await execAsync(command);
             const trimmed = stdout.trim();
             return trimmed ? trimmed : null;
         }
@@ -282,6 +287,127 @@ async function readSecretFromStorage(record, field) {
     }
     return null;
 }
+async function readSecretFromStorage(record, field) {
+    const storage = record.storage;
+    const raw = await readRawFromStorage(storage, field);
+    if (!raw)
+        return null;
+    const wantsJson = storage.format === "json" || Boolean(storage.jsonPath);
+    if (!wantsJson)
+        return raw;
+    try {
+        const parsed = JSON.parse(raw);
+        const pathSpec = storage.jsonPath ?? field;
+        const resolved = resolveJsonPath(parsed, pathSpec);
+        if (typeof resolved === "string")
+            return resolved.trim() || null;
+        if (typeof resolved === "number")
+            return String(resolved);
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+function resolveJsonPath(value, pathSpec) {
+    const parts = pathSpec.split(".").filter(Boolean);
+    let current = value;
+    for (const part of parts) {
+        if (!current || typeof current !== "object")
+            return undefined;
+        const match = /^(.+?)\[(\d+)\]$/.exec(part);
+        if (match) {
+            const [, key, indexRaw] = match;
+            const index = Number.parseInt(indexRaw, 10);
+            if (Number.isNaN(index))
+                return undefined;
+            const next = current[key ?? ""];
+            if (!Array.isArray(next))
+                return undefined;
+            current = next[index];
+            continue;
+        }
+        current = current[part];
+    }
+    return current;
+}
+export function resolveDefaultEnvVar(params) {
+    const service = params.service.toLowerCase();
+    const type = params.type;
+    const known = {
+        anthropic: {
+            api_key: "ANTHROPIC_API_KEY",
+            token: "ANTHROPIC_OAUTH_TOKEN",
+            oauth: "ANTHROPIC_OAUTH_TOKEN",
+        },
+        openai: { api_key: "OPENAI_API_KEY" },
+        gemini: { api_key: "GEMINI_API_KEY" },
+        "brave-search": { api_key: "BRAVE_API_KEY" },
+        github: { token: "GITHUB_TOKEN" },
+        "github-copilot": { token: "COPILOT_GITHUB_TOKEN" },
+        discord: { token: "DISCORD_BOT_TOKEN" },
+        slack: { token: "SLACK_BOT_TOKEN" },
+        openrouter: { api_key: "OPENROUTER_API_KEY" },
+        zai: { api_key: "ZAI_API_KEY" },
+        minimax: { api_key: "MINIMAX_API_KEY", token: "MINIMAX_API_KEY" },
+        "openai-codex": { oauth: "NEXUS_OPENAI_CODEX_TOKEN" },
+        "google-antigravity": { oauth: "NEXUS_GOOGLE_ANTIGRAVITY_TOKEN" },
+        chutes: { oauth: "NEXUS_CHUTES_TOKEN" },
+        "nexus-cloud": { token: "NEXUS_CLOUD_TOKEN" },
+        "nexus-hub": { token: "NEXUS_HUB_TOKEN" },
+    };
+    const mapped = known[service]?.[type];
+    if (mapped)
+        return mapped;
+    const suffix = type === "api_key"
+        ? "API_KEY"
+        : type === "oauth"
+            ? "OAUTH_TOKEN"
+            : type === "token"
+                ? "TOKEN"
+                : "CONFIG";
+    const normalized = service.toUpperCase().replace(/[^A-Z0-9]+/g, "_");
+    return `NEXUS_${normalized}_${suffix}`;
+}
+export async function resolveOAuthBundle(record) {
+    if (record.type !== "oauth")
+        return {};
+    const raw = await readRawFromStorage(record.storage, "accessToken");
+    if (!raw)
+        return {};
+    const wantsJson = record.storage.format === "json" || Boolean(record.storage.jsonPath);
+    if (!wantsJson) {
+        return { accessToken: raw, expiresAt: record.expiresAt };
+    }
+    try {
+        const parsed = JSON.parse(raw);
+        if (record.storage.jsonPath) {
+            const access = resolveJsonPath(parsed, record.storage.jsonPath);
+            if (typeof access === "string") {
+                return { accessToken: access };
+            }
+        }
+        const accessToken = typeof parsed.accessToken === "string"
+            ? parsed.accessToken
+            : typeof parsed.access_token === "string"
+                ? parsed.access_token
+                : undefined;
+        const refreshToken = typeof parsed.refreshToken === "string"
+            ? parsed.refreshToken
+            : typeof parsed.refresh_token === "string"
+                ? parsed.refresh_token
+                : undefined;
+        const expiresAt = typeof parsed.expiresAt === "number" || typeof parsed.expiresAt === "string"
+            ? parsed.expiresAt
+            : typeof parsed.expires_at === "number" || typeof parsed.expires_at === "string"
+                ? parsed.expires_at
+                : undefined;
+        return { accessToken, refreshToken, expiresAt };
+    }
+    catch {
+        return {};
+    }
+}
 export async function storeKeychainSecret(params) {
     try {
         await execFileAsync("security", [

package/dist/daemon/launchd.js CHANGED Viewed

@@ -74,9 +74,23 @@ export async function readLaunchAgentProgramArguments(env) {
         const workingDirectory = workingDirMatch
             ? plistUnescape(workingDirMatch[1] ?? "").trim()
             : "";
+        const envMatch = plist.match(/<key>EnvironmentVariables<\/key>\s*<dict>([\s\S]*?)<\/dict>/i);
+        let environment;
+        if (envMatch) {
+            const entries = Array.from(envMatch[1].matchAll(/<key>([\s\S]*?)<\/key>\s*<string>([\s\S]*?)<\/string>/gi))
+                .map((match) => [
+                plistUnescape(match[1] ?? "").trim(),
+                plistUnescape(match[2] ?? "").trim(),
+            ])
+                .filter(([key, value]) => key && value);
+            if (entries.length > 0) {
+                environment = Object.fromEntries(entries);
+            }
+        }
         return {
             programArguments: args.filter(Boolean),
             ...(workingDirectory ? { workingDirectory } : {}),
+            ...(environment ? { environment } : {}),
         };
     }
     catch {

package/dist/entry.js CHANGED Viewed

File without changes

package/dist/gateway/server-browser.js CHANGED Viewed

@@ -1,11 +1,12 @@
 export async function startBrowserControlServerIfEnabled() {
-    if (process.env.NEXUS_SKIP_BROWSER_CONTROL_SERVER === "1" ||
-        process.env.NEXUS_SKIP_BROWSER_CONTROL_SERVER === "1")
+    if (process.env.NEXUS_SKIP_BROWSER_CONTROL_SERVER === "1")
         return null;
     // Lazy import: keeps startup fast, but still bundles for the embedded
     // gateway (bun --compile) via the static specifier path.
-    const override = (process.env.NEXUS_BROWSER_CONTROL_MODULE ?? process.env.NEXUS_BROWSER_CONTROL_MODULE)?.trim();
-    const mod = override ? await import(override) : await import("../browser/server.js");
+    const override = process.env.NEXUS_BROWSER_CONTROL_MODULE?.trim();
+    const mod = override
+        ? await import(override)
+        : await import("../browser/server.js");
     await mod.startBrowserControlServerFromConfig();
     return { stop: mod.stopBrowserControlServer };
 }

package/dist/gateway/server-methods/cron.js CHANGED Viewed

@@ -41,9 +41,19 @@ export const cronHandlers = {
     },
     "cron.update": async ({ params, respond, context }) => {
         const normalizedPatch = normalizeCronJobPatch(params?.patch);
-        const candidate = normalizedPatch && typeof params === "object" && params !== null
+        const withPatch = normalizedPatch && typeof params === "object" && params !== null
             ? { ...params, patch: normalizedPatch }
             : params;
+        const candidate = withPatch && typeof withPatch === "object" && withPatch !== null
+            ? (() => {
+                const entry = withPatch;
+                if (!entry.id && entry.jobId) {
+                    const { jobId, ...rest } = entry;
+                    return { ...rest, id: jobId };
+                }
+                return entry;
+            })()
+            : withPatch;
         if (!validateCronUpdateParams(candidate)) {
             respond(false, undefined, errorShape(ErrorCodes.INVALID_REQUEST, `invalid cron.update params: ${formatValidationErrors(validateCronUpdateParams.errors)}`));
             return;

package/dist/gateway/server.js CHANGED Viewed

@@ -2,10 +2,10 @@ import { randomUUID } from "node:crypto";
 import os from "node:os";
 import chalk from "chalk";
 import { WebSocketServer } from "ws";
-import { createSubagentRegistry } from "../agents/subagent-registry.js";
 import { DEFAULT_MODEL, DEFAULT_PROVIDER } from "../agents/defaults.js";
 import { loadModelCatalog, resetModelCatalogCacheForTest, } from "../agents/model-catalog.js";
 import { resolveConfiguredModelRef } from "../agents/model-selection.js";
+import { createSubagentRegistry } from "../agents/subagent-registry.js";
 import { CANVAS_HOST_PATH } from "../canvas-host/a2ui.js";
 import { createCanvasHostHandler, startCanvasHost, } from "../canvas-host/server.js";
 import { createDefaultDeps } from "../cli/deps.js";
@@ -256,7 +256,8 @@ export async function startGatewayServer(port = 18789, opts = {}) {
         allowTailscale,
     };
     let hooksConfig = resolveHooksConfig(cfgAtStart);
-    const canvasHostEnabled = process.env.NEXUS_SKIP_CANVAS_HOST !== "1" && cfgAtStart.canvasHost?.enabled !== false;
+    const canvasHostEnabled = process.env.NEXUS_SKIP_CANVAS_HOST !== "1" &&
+        cfgAtStart.canvasHost?.enabled !== false;
     assertGatewayAuthConfigured(resolvedAuth);
     if (tailscaleMode === "funnel" && authMode !== "password") {
         throw new Error("tailscale funnel requires gateway auth mode=password (set gateway.auth.password or NEXUS_GATEWAY_PASSWORD)");
@@ -464,7 +465,7 @@ export async function startGatewayServer(port = 18789, opts = {}) {
                 return resolveMainSessionKey(cfg);
             return resolveAgentMainSessionKey({ cfg, agentId });
         };
-        const enqueueCronSystemEvent = (text, opts) => {
+        const _enqueueCronSystemEvent = (text, opts) => {
             const sessionKey = resolveCronMainSessionKey(opts?.agentId);
             if (sessionKey) {
                 enqueueSystemEvent(text, { sessionKey });
@@ -586,7 +587,9 @@ export async function startGatewayServer(port = 18789, opts = {}) {
         }
         if (process.env.NEXUS_BRIDGE_PORT !== undefined) {
             const parsed = Number.parseInt(process.env.NEXUS_BRIDGE_PORT, 10);
-            return Number.isFinite(parsed) && parsed > 0 ? parsed : deriveDefaultBridgePort(port);
+            return Number.isFinite(parsed) && parsed > 0
+                ? parsed
+                : deriveDefaultBridgePort(port);
         }
         return deriveDefaultBridgePort(port);
     })();
@@ -1049,7 +1052,9 @@ export async function startGatewayServer(port = 18789, opts = {}) {
                         type: "hello-ok",
                         protocol: PROTOCOL_VERSION,
                         server: {
-                            version: process.env.NEXUS_VERSION ?? process.env.npm_package_version ?? "dev",
+                            version: process.env.NEXUS_VERSION ??
+                                process.env.npm_package_version ??
+                                "dev",
                             commit: process.env.GIT_COMMIT,
                             host: os.hostname(),
                             connId,
@@ -1240,7 +1245,8 @@ export async function startGatewayServer(port = 18789, opts = {}) {
     }
     // Launch configured channels (WhatsApp Web, Discord, Slack, Telegram) so gateway replies via the
     // surface the message came from. Tests can opt out via NEXUS_SKIP_CHANNELS (or legacy _PROVIDERS).
-    const skipChannels = process.env.NEXUS_SKIP_CHANNELS === "1" || process.env.NEXUS_SKIP_PROVIDERS === "1";
+    const skipChannels = process.env.NEXUS_SKIP_CHANNELS === "1" ||
+        process.env.NEXUS_SKIP_PROVIDERS === "1";
     if (!skipChannels) {
         try {
             await startProviders();
@@ -1315,7 +1321,8 @@ export async function startGatewayServer(port = 18789, opts = {}) {
             }
         }
         if (plan.restartProviders.size > 0) {
-            const skipChannelReload = process.env.NEXUS_SKIP_CHANNELS === "1" || process.env.NEXUS_SKIP_PROVIDERS === "1";
+            const skipChannelReload = process.env.NEXUS_SKIP_CHANNELS === "1" ||
+                process.env.NEXUS_SKIP_PROVIDERS === "1";
             if (skipChannelReload) {
                 logChannels.info("skipping channel reload (NEXUS_SKIP_CHANNELS=1)");
             }

package/dist/infra/bonjour.js CHANGED Viewed

@@ -2,7 +2,7 @@ import os from "node:os";
 import { logDebug, logWarn } from "../logger.js";
 import { getLogger } from "../logging.js";
 function isDisabledByEnv() {
-    if (process.env.NEXUS_DISABLE_BONJOUR === "1" || process.env.NEXUS_DISABLE_BONJOUR === "1")
+    if (process.env.NEXUS_DISABLE_BONJOUR === "1")
         return true;
     if (process.env.NODE_ENV === "test")
         return true;

package/dist/infra/event-log.js CHANGED Viewed

@@ -200,7 +200,11 @@ export function recordCliCommandFinish(status = "ok") {
 export function recordCliCommandFailure(error) {
     if (!cliSession?.activeCommand)
         return;
-    const message = error instanceof Error ? error.message : typeof error === "string" ? error : "unknown error";
+    const message = error instanceof Error
+        ? error.message
+        : typeof error === "string"
+            ? error
+            : "unknown error";
     writeEvent({
         id: createEventId(),
         ts: Date.now(),
@@ -227,7 +231,9 @@ export function recordCliSessionEnd(params) {
         invocation_kind: cliSession.invocationKind,
         status: params.status,
         error: params.error,
-        data: params.exitCode !== undefined ? { exit_code: params.exitCode } : undefined,
+        data: params.exitCode !== undefined
+            ? { exit_code: params.exitCode }
+            : undefined,
     });
     cliSession = null;
 }

package/dist/infra/path-env.js CHANGED Viewed

@@ -79,10 +79,9 @@ function candidateBinDirs(opts) {
  * under launchd/minimal environments (and inside the macOS bun bundle).
  */
 export function ensureNexusCliOnPath(opts = {}) {
-    if (process.env.NEXUS_PATH_BOOTSTRAPPED === "1" || process.env.NEXUS_PATH_BOOTSTRAPPED === "1")
+    if (process.env.NEXUS_PATH_BOOTSTRAPPED === "1")
         return;
     process.env.NEXUS_PATH_BOOTSTRAPPED = "1";
-    process.env.NEXUS_PATH_BOOTSTRAPPED = "1"; // keep for backward compat
     const existing = opts.pathEnv ?? process.env.PATH ?? "";
     const prepend = candidateBinDirs(opts);
     if (prepend.length === 0)

package/dist/infra/provider-usage.auth.js CHANGED Viewed

@@ -2,7 +2,7 @@ import fs from "node:fs";
 import os from "node:os";
 import path from "node:path";
 import { CLAUDE_CLI_PROFILE_ID, ensureAuthProfileStore, listProfilesForProvider, resolveApiKeyForProfile, resolveAuthProfileOrder, } from "../agents/auth-profiles.js";
-import { getCustomProviderApiKey, resolveEnvApiKey } from "../agents/model-auth.js";
+import { getCustomProviderApiKey, resolveEnvApiKey, } from "../agents/model-auth.js";
 import { normalizeProviderId } from "../agents/model-selection.js";
 import { loadConfig } from "../config/config.js";
 function parseGoogleToken(apiKey) {
@@ -53,7 +53,8 @@ function resolveZaiApiKey() {
     }
 }
 function resolveMinimaxApiKey() {
-    const envDirect = process.env.MINIMAX_CODE_PLAN_KEY?.trim() || process.env.MINIMAX_API_KEY?.trim();
+    const envDirect = process.env.MINIMAX_CODE_PLAN_KEY?.trim() ||
+        process.env.MINIMAX_API_KEY?.trim();
     if (envDirect)
         return envDirect;
     const envResolved = resolveEnvApiKey("minimax");
@@ -112,7 +113,8 @@ async function resolveOAuthToken(params) {
             if (!resolved?.apiKey)
                 continue;
             let token = resolved.apiKey;
-            if (params.provider === "google-gemini-cli" || params.provider === "google-antigravity") {
+            if (params.provider === "google-gemini-cli" ||
+                params.provider === "google-antigravity") {
                 const parsed = parseGoogleToken(resolved.apiKey);
                 token = parsed?.token ?? resolved.apiKey;
             }

package/dist/infra/provider-usage.fetch.claude.js CHANGED Viewed

@@ -1,7 +1,8 @@
 import { fetchJson } from "./provider-usage.fetch.shared.js";
 import { clampPercent, PROVIDER_LABELS } from "./provider-usage.shared.js";
 function resolveClaudeWebSessionKey() {
-    const direct = process.env.CLAUDE_AI_SESSION_KEY?.trim() ?? process.env.CLAUDE_WEB_SESSION_KEY?.trim();
+    const direct = process.env.CLAUDE_AI_SESSION_KEY?.trim() ??
+        process.env.CLAUDE_WEB_SESSION_KEY?.trim();
     if (direct?.startsWith("sk-ant-"))
         return direct;
     const cookieHeader = process.env.CLAUDE_WEB_COOKIE?.trim();
@@ -33,14 +34,18 @@ async function fetchClaudeWebUsage(sessionKey, timeoutMs, fetchFn) {
         windows.push({
             label: "5h",
             usedPercent: clampPercent(data.five_hour.utilization),
-            resetAt: data.five_hour.resets_at ? new Date(data.five_hour.resets_at).getTime() : undefined,
+            resetAt: data.five_hour.resets_at
+                ? new Date(data.five_hour.resets_at).getTime()
+                : undefined,
         });
     }
     if (data.seven_day?.utilization !== undefined) {
         windows.push({
             label: "Week",
             usedPercent: clampPercent(data.seven_day.utilization),
-            resetAt: data.seven_day.resets_at ? new Date(data.seven_day.resets_at).getTime() : undefined,
+            resetAt: data.seven_day.resets_at
+                ? new Date(data.seven_day.resets_at).getTime()
+                : undefined,
         });
     }
     const modelWindow = data.seven_day_sonnet || data.seven_day_opus;
@@ -82,7 +87,8 @@ export async function fetchClaudeUsage(token, timeoutMs, fetchFn) {
         // Claude CLI setup-token yields tokens that can be used for inference, but may not
         // include user:profile scope required by the OAuth usage endpoint. When a claude.ai
         // browser sessionKey is available, fall back to the web API.
-        if (res.status === 403 && message?.includes("scope requirement user:profile")) {
+        if (res.status === 403 &&
+            message?.includes("scope requirement user:profile")) {
             const sessionKey = resolveClaudeWebSessionKey();
             if (sessionKey) {
                 const web = await fetchClaudeWebUsage(sessionKey, timeoutMs, fetchFn);
@@ -104,14 +110,18 @@ export async function fetchClaudeUsage(token, timeoutMs, fetchFn) {
         windows.push({
             label: "5h",
             usedPercent: clampPercent(data.five_hour.utilization),
-            resetAt: data.five_hour.resets_at ? new Date(data.five_hour.resets_at).getTime() : undefined,
+            resetAt: data.five_hour.resets_at
+                ? new Date(data.five_hour.resets_at).getTime()
+                : undefined,
         });
     }
     if (data.seven_day?.utilization !== undefined) {
         windows.push({
             label: "Week",
             usedPercent: clampPercent(data.seven_day.utilization),
-            resetAt: data.seven_day.resets_at ? new Date(data.seven_day.resets_at).getTime() : undefined,
+            resetAt: data.seven_day.resets_at
+                ? new Date(data.seven_day.resets_at).getTime()
+                : undefined,
         });
     }
     const modelWindow = data.seven_day_sonnet || data.seven_day_opus;

package/dist/infra/provider-usage.fetch.minimax.js CHANGED Viewed

@@ -178,8 +178,12 @@ export async function fetchMinimaxUsage(apiKey, timeoutMs, fetchFn) {
             error: "Invalid JSON",
         };
     }
-    const baseResp = isRecord(data.base_resp) ? data.base_resp : undefined;
-    if (baseResp && typeof baseResp.status_code === "number" && baseResp.status_code !== 0) {
+    const baseResp = isRecord(data.base_resp)
+        ? data.base_resp
+        : undefined;
+    if (baseResp &&
+        typeof baseResp.status_code === "number" &&
+        baseResp.status_code !== 0) {
         return {
             provider: "minimax",
             displayName: PROVIDER_LABELS.minimax,
@@ -197,7 +201,8 @@ export async function fetchMinimaxUsage(apiKey, timeoutMs, fetchFn) {
             error: "Unsupported response shape",
         };
     }
-    const resetAt = parseEpoch(pickString(payload, RESET_KEYS)) ?? parseEpoch(pickNumber(payload, RESET_KEYS));
+    const resetAt = parseEpoch(pickString(payload, RESET_KEYS)) ??
+        parseEpoch(pickNumber(payload, RESET_KEYS));
     const windows = [
         {
             label: deriveWindowLabel(payload),

package/dist/infra/provider-usage.js CHANGED Viewed

@@ -1,8 +1,8 @@
-import { resolveProviderAuths } from "./provider-usage.auth.js";
+import { resolveProviderAuths, } from "./provider-usage.auth.js";
 import { fetchClaudeUsage } from "./provider-usage.fetch.claude.js";
 import { fetchMinimaxUsage } from "./provider-usage.fetch.minimax.js";
-import { clampPercent, PROVIDER_LABELS } from "./provider-usage.shared.js";
 import { fetchJson } from "./provider-usage.fetch.shared.js";
+import { clampPercent, PROVIDER_LABELS } from "./provider-usage.shared.js";
 function resolveProviders(params) {
     if (params.providers && params.providers.length > 0) {
         return params.providers;
@@ -50,7 +50,9 @@ async function fetchZaiUsage(apiKey, timeoutMs, fetchFn) {
     const limit = data?.data?.limits?.find((entry) => entry?.type === "TOKENS_LIMIT") ??
         data?.data?.limits?.[0];
     const usedPercent = clampPercent(limit?.percentage ?? 0);
-    const resetAt = limit?.nextResetTime ? Date.parse(limit.nextResetTime) : undefined;
+    const resetAt = limit?.nextResetTime
+        ? Date.parse(limit.nextResetTime)
+        : undefined;
     const windows = [];
     if (Number.isFinite(usedPercent)) {
         windows.push({
@@ -102,7 +104,7 @@ export async function loadProviderUsageSummary(params) {
     }
     return { updatedAt: now, providers: snapshots };
 }
-export function formatUsageSummaryLine(summary, opts = {}) {
+export function formatUsageSummaryLine(summary, _opts = {}) {
     const providers = summary.providers ?? [];
     let best;
     for (const provider of providers) {
@@ -133,7 +135,9 @@ export function formatUsageReportLines(summary, opts = {}) {
         }
         for (const window of provider.windows) {
             const remaining = Math.max(0, 100 - window.usedPercent);
-            const reset = window.resetAt ? formatResetLabel(window.resetAt, now) : null;
+            const reset = window.resetAt
+                ? formatResetLabel(window.resetAt, now)
+                : null;
             const extras = [provider.plan ? `plan ${provider.plan}` : null, reset]
                 .filter(Boolean)
                 .join(", ");

package/dist/infra/restart.js CHANGED Viewed

@@ -4,7 +4,7 @@ const DEFAULT_SYSTEMD_UNIT = "nexus-gateway.service";
 export function triggerNexusRestart() {
     if (process.platform !== "darwin") {
         if (process.platform === "linux") {
-            const unit = process.env.NEXUS_SYSTEMD_UNIT || process.env.NEXUS_SYSTEMD_UNIT || DEFAULT_SYSTEMD_UNIT;
+            const unit = process.env.NEXUS_SYSTEMD_UNIT || DEFAULT_SYSTEMD_UNIT;
             const userRestart = spawnSync("systemctl", ["--user", "restart", unit], {
                 stdio: "ignore",
             });
@@ -21,7 +21,7 @@ export function triggerNexusRestart() {
         }
         return "supervisor";
     }
-    const label = process.env.NEXUS_LAUNCHD_LABEL || process.env.NEXUS_LAUNCHD_LABEL || DEFAULT_LAUNCHD_LABEL;
+    const label = process.env.NEXUS_LAUNCHD_LABEL || DEFAULT_LAUNCHD_LABEL;
     const uid = typeof process.getuid === "function" ? process.getuid() : undefined;
     const target = uid !== undefined ? `gui/${uid}/${label}` : label;
     spawnSync("launchctl", ["kickstart", "-k", target], { stdio: "ignore" });

package/dist/infra/usage-settings.js ADDED Viewed

@@ -0,0 +1,78 @@
+const SETTINGS_URL_ENV = "NEXUS_USAGE_SETTINGS_URL";
+const UPLOAD_URL_ENV = "NEXUS_USAGE_UPLOAD_URL";
+const UPLOAD_TOKEN_ENV = "NEXUS_USAGE_UPLOAD_TOKEN";
+export function resolveUsageSettingsUrl(env = process.env) {
+    const override = env[SETTINGS_URL_ENV]?.trim();
+    if (override)
+        return override;
+    const uploadUrl = env[UPLOAD_URL_ENV]?.trim();
+    if (!uploadUrl)
+        return null;
+    return uploadUrl.replace(/\/api\/usage\/upload\/?$/, "/api/usage/settings");
+}
+function resolveAuthHeaders(env = process.env) {
+    const token = env[UPLOAD_TOKEN_ENV]?.trim();
+    if (!token)
+        return {};
+    return { Authorization: `Bearer ${token}` };
+}
+function parseSettingsResponse(payload) {
+    if (!payload || typeof payload !== "object")
+        return null;
+    const data = payload;
+    if (typeof data.canOptOut !== "boolean" || typeof data.optOut !== "boolean") {
+        return null;
+    }
+    return {
+        ok: typeof data.ok === "boolean" ? data.ok : true,
+        canOptOut: data.canOptOut,
+        optOut: data.optOut,
+        planName: typeof data.planName === "string" ? data.planName : undefined,
+        error: typeof data.error === "string" ? data.error : undefined,
+    };
+}
+export async function fetchUsageTrackingSettings(env = process.env) {
+    const url = resolveUsageSettingsUrl(env);
+    if (!url)
+        return null;
+    const headers = resolveAuthHeaders(env);
+    if (!headers.Authorization)
+        return null;
+    try {
+        const res = await fetch(url, { headers });
+        const payload = await res.json().catch(() => null);
+        const parsed = parseSettingsResponse(payload);
+        if (!parsed)
+            return null;
+        return { ...parsed, ok: res.ok && parsed.ok };
+    }
+    catch {
+        return null;
+    }
+}
+export async function updateUsageTrackingSettings(optOut, env = process.env) {
+    const url = resolveUsageSettingsUrl(env);
+    if (!url)
+        return null;
+    const headers = {
+        "Content-Type": "application/json",
+        ...resolveAuthHeaders(env),
+    };
+    if (!headers.Authorization)
+        return null;
+    try {
+        const res = await fetch(url, {
+            method: "POST",
+            headers,
+            body: JSON.stringify({ optOut }),
+        });
+        const payload = await res.json().catch(() => null);
+        const parsed = parseSettingsResponse(payload);
+        if (!parsed)
+            return null;
+        return { ...parsed, ok: res.ok && parsed.ok };
+    }
+    catch {
+        return null;
+    }
+}

package/dist/infra/usage-suggestions.js CHANGED Viewed

@@ -58,17 +58,26 @@ export async function loadUsageEvents(opts = {}) {
             catch {
                 continue;
             }
-            const sessionId = String(raw.session_id ?? "");
+            const sessionId = typeof raw.session_id === "string" || typeof raw.session_id === "number"
+                ? String(raw.session_id)
+                : "";
             const seq = Number(raw.seq ?? 0);
             const ts = Number(raw.ts ?? 0);
-            const source = String(raw.source ?? "");
-            if (!sessionId || !Number.isFinite(seq) || !Number.isFinite(ts) || !source) {
+            const source = typeof raw.source === "string" || typeof raw.source === "number"
+                ? String(raw.source)
+                : "";
+            if (!sessionId ||
+                !Number.isFinite(seq) ||
+                !Number.isFinite(ts) ||
+                !source) {
                 continue;
             }
             if (opts.sinceMs && ts < opts.sinceMs) {
                 continue;
             }
-            if (opts.sources && opts.sources.length > 0 && !opts.sources.includes(source)) {
+            if (opts.sources &&
+                opts.sources.length > 0 &&
+                !opts.sources.includes(source)) {
                 continue;
             }
             const evt = {
@@ -76,7 +85,10 @@ export async function loadUsageEvents(opts = {}) {
                 seq,
                 ts,
                 source,
-                eventType: String(raw.event_type ?? ""),
+                eventType: typeof raw.event_type === "string" ||
+                    typeof raw.event_type === "number"
+                    ? String(raw.event_type)
+                    : "",
                 commandPath: typeof raw.command_path === "string" ? raw.command_path : undefined,
                 stream: typeof raw.stream === "string" ? raw.stream : undefined,
                 data: raw.data && typeof raw.data === "object"