npm - @jagilber-org/index-server - Versions diffs - 1.22.1 → 1.26.1 - Mend

@jagilber-org/index-server 1.22.1 → 1.26.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (189) hide show

package/CHANGELOG.md +87 -2
package/CODE_OF_CONDUCT.md +2 -0
package/CONTRIBUTING.md +32 -2
package/README.md +82 -19
package/SECURITY.md +17 -5
package/dist/config/dashboardConfig.d.ts +3 -0
package/dist/config/dashboardConfig.js +3 -0
package/dist/config/defaultValues.d.ts +1 -1
package/dist/config/defaultValues.js +1 -1
package/dist/config/featureConfig.d.ts +2 -0
package/dist/config/featureConfig.js +6 -1
package/dist/config/runtimeConfig.d.ts +1 -1
package/dist/config/runtimeConfig.js +8 -9
package/dist/dashboard/client/admin.html +170 -53
package/dist/dashboard/client/css/admin.css +132 -0
package/dist/dashboard/client/js/admin.auth.js +25 -11
package/dist/dashboard/client/js/admin.config.js +1 -1
package/dist/dashboard/client/js/admin.feedback.js +328 -0
package/dist/dashboard/client/js/admin.graph.js +120 -18
package/dist/dashboard/client/js/admin.instructions.js +27 -13
package/dist/dashboard/client/js/admin.logs.js +1 -5
package/dist/dashboard/client/js/admin.maintenance.js +53 -8
package/dist/dashboard/client/js/admin.messaging.js +1 -4
package/dist/dashboard/client/js/admin.overview.js +5 -1
package/dist/dashboard/client/js/admin.sessions.js +1 -1
package/dist/dashboard/client/js/admin.utils.js +43 -1
package/dist/dashboard/client/js/mermaid.min.js +813 -537
package/dist/dashboard/export/DataExporter.js +2 -1
package/dist/dashboard/server/AdminPanel.d.ts +3 -0
package/dist/dashboard/server/AdminPanel.js +132 -35
package/dist/dashboard/server/ApiRoutes.js +40 -9
package/dist/dashboard/server/DashboardServer.js +1 -1
package/dist/dashboard/server/FileMetricsStorage.d.ts +19 -0
package/dist/dashboard/server/FileMetricsStorage.js +52 -5
package/dist/dashboard/server/HttpTransport.js +6 -0
package/dist/dashboard/server/InstanceManager.js +7 -2
package/dist/dashboard/server/KnowledgeStore.js +7 -2
package/dist/dashboard/server/MetricsCollector.d.ts +16 -0
package/dist/dashboard/server/MetricsCollector.js +113 -17
package/dist/dashboard/server/legacyDashboardHtml.js +7 -2
package/dist/dashboard/server/middleware/ensureLoadedMiddleware.d.ts +1 -1
package/dist/dashboard/server/middleware/ensureLoadedMiddleware.js +8 -3
package/dist/dashboard/server/routes/admin.feedback.routes.d.ts +15 -0
package/dist/dashboard/server/routes/admin.feedback.routes.js +188 -0
package/dist/dashboard/server/routes/admin.routes.js +35 -27
package/dist/dashboard/server/routes/alerts.routes.js +4 -3
package/dist/dashboard/server/routes/api.feedback.routes.js +2 -1
package/dist/dashboard/server/routes/api.usage.routes.js +8 -7
package/dist/dashboard/server/routes/embeddings.routes.d.ts +2 -1
package/dist/dashboard/server/routes/embeddings.routes.js +18 -9
package/dist/dashboard/server/routes/graph.routes.js +10 -13
package/dist/dashboard/server/routes/index.d.ts +1 -0
package/dist/dashboard/server/routes/index.js +74 -39
package/dist/dashboard/server/routes/instances.routes.js +2 -1
package/dist/dashboard/server/routes/instructions.routes.js +46 -27
package/dist/dashboard/server/routes/knowledge.routes.js +4 -3
package/dist/dashboard/server/routes/logs.routes.js +5 -4
package/dist/dashboard/server/routes/messaging.routes.js +15 -14
package/dist/dashboard/server/routes/metrics.routes.js +14 -13
package/dist/dashboard/server/routes/scripts.routes.js +6 -3
package/dist/dashboard/server/routes/status.routes.js +5 -4
package/dist/dashboard/server/routes/synthetic.routes.js +3 -2
package/dist/dashboard/server/routes/usage.routes.js +2 -1
package/dist/dashboard/server/utils/escapeHtml.d.ts +1 -0
package/dist/dashboard/server/utils/escapeHtml.js +11 -0
package/dist/dashboard/server/utils/pathContainment.d.ts +1 -0
package/dist/dashboard/server/utils/pathContainment.js +15 -0
package/dist/dashboard/server/wsInit.js +2 -2
package/dist/lib/mcpStdioLogging.d.ts +165 -0
package/dist/lib/mcpStdioLogging.js +287 -0
package/dist/schemas/index.d.ts +37 -2
package/dist/schemas/index.js +27 -3
package/dist/server/backgroundServicesStartup.d.ts +7 -1
package/dist/server/backgroundServicesStartup.js +25 -8
package/dist/server/certInit.d.ts +97 -0
package/dist/server/certInit.js +359 -0
package/dist/server/certInit.types.d.ts +92 -0
package/dist/server/certInit.types.js +34 -0
package/dist/server/handshake/fallbackFrames.d.ts +31 -0
package/dist/server/handshake/fallbackFrames.js +38 -0
package/dist/server/handshake/initializeDetector.d.ts +31 -0
package/dist/server/handshake/initializeDetector.js +88 -0
package/dist/server/handshake/protocol.d.ts +15 -0
package/dist/server/handshake/protocol.js +37 -0
package/dist/server/handshake/readyEmitter.d.ts +6 -0
package/dist/server/handshake/readyEmitter.js +88 -0
package/dist/server/handshake/safetyFallbacks.d.ts +1 -0
package/dist/server/handshake/safetyFallbacks.js +134 -0
package/dist/server/handshake/stdinSniffer.d.ts +1 -0
package/dist/server/handshake/stdinSniffer.js +260 -0
package/dist/server/handshake/tracing.d.ts +16 -0
package/dist/server/handshake/tracing.js +95 -0
package/dist/server/handshakeManager.d.ts +23 -23
package/dist/server/handshakeManager.js +36 -466
package/dist/server/index-server.d.ts +23 -0
package/dist/server/index-server.js +194 -9
package/dist/server/mcpReadOnlySurfaces.d.ts +44 -0
package/dist/server/mcpReadOnlySurfaces.js +297 -0
package/dist/server/sdkServer.js +69 -7
package/dist/server/transport.d.ts +5 -6
package/dist/server/transport.js +46 -64
package/dist/server/transportFactory.d.ts +3 -9
package/dist/server/transportFactory.js +18 -380
package/dist/services/atomicFs.d.ts +3 -0
package/dist/services/atomicFs.js +171 -13
package/dist/services/auditLog.d.ts +17 -2
package/dist/services/auditLog.js +75 -14
package/dist/services/bootstrapGating.js +1 -1
package/dist/services/categoryRules.d.ts +10 -0
package/dist/services/categoryRules.js +17 -0
package/dist/services/classificationService.js +7 -5
package/dist/services/embeddingService.d.ts +27 -11
package/dist/services/embeddingService.js +51 -14
package/dist/services/feedbackStorage.d.ts +39 -0
package/dist/services/feedbackStorage.js +88 -0
package/dist/services/handlers/instructions.add.js +429 -317
package/dist/services/handlers/instructions.groom.js +128 -31
package/dist/services/handlers/instructions.import.js +56 -23
package/dist/services/handlers/instructions.patch.js +43 -32
package/dist/services/handlers/instructions.query.js +20 -29
package/dist/services/handlers/instructions.shared.d.ts +54 -0
package/dist/services/handlers/instructions.shared.js +126 -1
package/dist/services/handlers.activation.js +83 -81
package/dist/services/handlers.dashboardConfig.d.ts +2 -2
package/dist/services/handlers.dashboardConfig.js +1 -2
package/dist/services/handlers.diagnostics.js +75 -54
package/dist/services/handlers.feedback.d.ts +4 -11
package/dist/services/handlers.feedback.js +11 -333
package/dist/services/handlers.gates.js +69 -37
package/dist/services/handlers.graph.js +2 -2
package/dist/services/handlers.help.js +2 -2
package/dist/services/handlers.instructionSchema.js +4 -2
package/dist/services/handlers.integrity.js +42 -22
package/dist/services/handlers.messaging.js +1 -1
package/dist/services/handlers.metrics.js +51 -6
package/dist/services/handlers.prompt.js +10 -2
package/dist/services/handlers.search.js +94 -44
package/dist/services/handlers.trace.js +1 -1
package/dist/services/handlers.usage.js +38 -7
package/dist/services/indexContext.d.ts +21 -1
package/dist/services/indexContext.js +263 -78
package/dist/services/indexLoader.d.ts +1 -0
package/dist/services/indexLoader.js +28 -8
package/dist/services/instructionRecordValidation.d.ts +39 -0
package/dist/services/instructionRecordValidation.js +388 -0
package/dist/services/instructions.dispatcher.js +4 -4
package/dist/services/loaderSchemaValidator.d.ts +15 -0
package/dist/services/loaderSchemaValidator.js +69 -0
package/dist/services/logger.js +11 -2
package/dist/services/mcpLogBridge.d.ts +49 -0
package/dist/services/mcpLogBridge.js +83 -0
package/dist/services/ownershipService.js +18 -8
package/dist/services/performanceBaseline.js +23 -22
package/dist/services/promptReviewService.d.ts +3 -1
package/dist/services/promptReviewService.js +41 -13
package/dist/services/regexSafety.d.ts +6 -0
package/dist/services/regexSafety.js +46 -0
package/dist/services/seedBootstrap.js +1 -1
package/dist/services/storage/factory.d.ts +14 -1
package/dist/services/storage/factory.js +61 -1
package/dist/services/storage/jsonEmbeddingStore.d.ts +15 -0
package/dist/services/storage/jsonEmbeddingStore.js +83 -0
package/dist/services/storage/jsonFileStore.d.ts +3 -1
package/dist/services/storage/jsonFileStore.js +8 -6
package/dist/services/storage/migrationEngine.d.ts +13 -0
package/dist/services/storage/migrationEngine.js +31 -0
package/dist/services/storage/sqliteEmbeddingStore.d.ts +30 -0
package/dist/services/storage/sqliteEmbeddingStore.js +222 -0
package/dist/services/storage/sqliteStore.d.ts +3 -1
package/dist/services/storage/sqliteStore.js +2 -2
package/dist/services/storage/types.d.ts +48 -1
package/dist/services/toolRegistry.js +77 -67
package/dist/services/toolRegistry.zod.js +89 -86
package/dist/services/tracing.js +5 -4
package/dist/utils/envUtils.d.ts +4 -0
package/dist/utils/envUtils.js +7 -0
package/dist/utils/memoryMonitor.js +11 -10
package/package.json +11 -4
package/schemas/instruction.schema.json +38 -1
package/scripts/copy-dashboard-assets.mjs +1 -1
package/scripts/dist/README.md +1 -1
package/scripts/setup-wizard.mjs +781 -0
package/server.json +1 -0
package/dist/externalClientLib.d.ts +0 -1
package/dist/externalClientLib.js +0 -2
package/dist/portableClientWrapper.d.ts +0 -1
package/dist/portableClientWrapper.js +0 -2
package/dist/services/indexingService.d.ts +0 -1
package/dist/services/indexingService.js +0 -2

package/dist/dashboard/server/HttpTransport.js CHANGED Viewed

@@ -50,6 +50,8 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.createMcpTransportRoutes = createMcpTransportRoutes;
 const express_1 = __importStar(require("express"));
 const registry_1 = require("../../server/registry");
+const logger_1 = require("../../services/logger");
+const auditLog_1 = require("../../services/auditLog");
 /**
  * Create an Express router for the MCP HTTP transport.
  */
@@ -105,6 +107,10 @@ function createMcpTransportRoutes(options = {}) {
         }
         catch (error) {
             const message = error instanceof Error ? error.message : 'Internal error';
+            const stack = error instanceof Error ? error.stack : undefined;
+            const errorType = error instanceof Error ? error.constructor.name : typeof error;
+            (0, logger_1.log)('ERROR', `[HttpTransport] RPC handler error for method '${method}': ${message}`, { detail: stack });
+            (0, auditLog_1.logAudit)('rpc_error', method, { error: message, errorType, stack: stack?.slice(0, 500), requestId: id ?? null }, 'http');
             res.status(500).json({
                 jsonrpc: '2.0',
                 error: { code: -32603, message },

package/dist/dashboard/server/InstanceManager.js CHANGED Viewed

@@ -212,8 +212,13 @@ function pingInstance(host, port, protocol = 'http', timeoutMs = 3000) {
                 tlsOpts.ca = fs_1.default.readFileSync(caPath);
             }
             else {
-                // Localhost health-check against self-signed certs when no CA configured
-                tlsOpts.rejectUnauthorized = false; // lgtm[js/disabling-certificate-validation] — localhost self-signed cert
+                // No trusted CA configured. Do NOT disable certificate verification
+                // in production code — instead, skip the HTTPS reachability probe
+                // entirely. The earlier isProcessAlive() PID check still ensures the
+                // owning process exists; treat the instance as alive and defer
+                // liveness validation to the next iteration once a CA is configured.
+                resolve(true);
+                return;
             }
         }
         const opts = {

package/dist/dashboard/server/KnowledgeStore.js CHANGED Viewed

@@ -16,6 +16,7 @@ exports.createKnowledgeStore = createKnowledgeStore;
 const fs_1 = __importDefault(require("fs"));
 const path_1 = __importDefault(require("path"));
 const runtimeConfig_1 = require("../../config/runtimeConfig");
+const logger_js_1 = require("../../services/logger.js");
 class KnowledgeStore {
     entries = new Map();
     filePath;
@@ -36,7 +37,9 @@ class KnowledgeStore {
                 }
             }
         }
-        catch { /* ignore corrupt/missing file */ }
+        catch (error) {
+            (0, logger_js_1.logWarn)('[KnowledgeStore] Failed to load persisted knowledge store', error);
+        }
     }
     saveToDisk() {
         try {
@@ -45,7 +48,9 @@ class KnowledgeStore {
                 fs_1.default.mkdirSync(dir, { recursive: true });
             fs_1.default.writeFileSync(this.filePath, JSON.stringify(Array.from(this.entries.values()), null, 2));
         }
-        catch { /* ignore write errors */ }
+        catch (error) {
+            (0, logger_js_1.logWarn)('[KnowledgeStore] Failed to persist knowledge store', error);
+        }
     }
     upsert(key, content, metadata = {}) {
         const now = new Date().toISOString();

package/dist/dashboard/server/MetricsCollector.d.ts CHANGED Viewed

@@ -10,6 +10,7 @@ export type { ToolMetrics, ServerMetrics, ConnectionMetrics, MetricsSnapshot, Me
 import { type ToolMetrics, type MetricsSnapshot, type MetricsTimeSeriesEntry, type ToolCallEvent, type RealtimeMetrics, type RealtimeStreamingData, type SystemHealth, type EnhancedPerformanceMetrics, type AdvancedAnalytics, type Alert, type MetricsCollectorOptions, type ResourceSample } from './metricsAggregation.js';
 import type { ToolUsageChartData, PerformanceChartData, ToolUsageStats } from './metricsAggregation.js';
 export declare class MetricsCollector {
+    private persistenceHealth;
     private tools;
     private resourceSamples;
     private lastCpuUsageSample;
@@ -46,6 +47,19 @@ export declare class MetricsCollector {
     private appendFlushMs;
     private appendCompactMs;
     constructor(options?: MetricsCollectorOptions);
+    private formatPersistenceError;
+    private recordPersistenceFailure;
+    private recordPersistenceRecovery;
+    getPersistenceHealth(): {
+        degraded: boolean;
+        totalFailures: number;
+        appendFailures: number;
+        snapshotFailures: number;
+        truncateFailures: number;
+        lastError?: string;
+        lastFailureAt?: number;
+        lastRecoveredAt?: number;
+    };
     /**
      * Record a tool call event
      */
@@ -85,6 +99,7 @@ export declare class MetricsCollector {
         oldestTimestamp?: number;
         newestTimestamp?: number;
         memorySnapshots: number;
+        persistence: ReturnType<MetricsCollector['getPersistenceHealth']>;
     }>;
     /**
      * Get tool-specific metrics
@@ -176,6 +191,7 @@ export declare class MetricsCollector {
             toolCallEvents: BufferRingStats;
             performanceMetrics: BufferRingStats;
         };
+        persistence: ReturnType<MetricsCollector['getPersistenceHealth']>;
         historicalSnapshots?: MetricsTimeSeriesEntry[];
         toolCallEvents?: ToolCallEvent[];
         performanceMetrics?: Array<{

package/dist/dashboard/server/MetricsCollector.js CHANGED Viewed

@@ -23,6 +23,16 @@ const logger_js_1 = require("../../services/logger.js");
 const metricsAggregation_js_1 = require("./metricsAggregation.js");
 const metricsSerializer_js_1 = require("./metricsSerializer.js");
 class MetricsCollector {
+    persistenceHealth = {
+        degraded: false,
+        totalFailures: 0,
+        appendFailures: 0,
+        snapshotFailures: 0,
+        truncateFailures: 0,
+        lastError: undefined,
+        lastFailureAt: undefined,
+        lastRecoveredAt: undefined,
+    };
     tools = new Map();
     // Resource usage samples (CPU/Memory) for leak/trend analysis
     resourceSamples;
@@ -139,7 +149,7 @@ class MetricsCollector {
                         try {
                             const stat = fs_1.default.statSync(this.appendLogPath);
                             if (stat.size < 25 * 1024 * 1024) { // safety cap 25MB
-                                const raw = fs_1.default.readFileSync(this.appendLogPath, 'utf8');
+                                const raw = fs_1.default.readFileSync(this.appendLogPath, 'utf8'); // lgtm[js/file-system-race] — appendLogPath is config-controlled metrics path; statSync above bounds size
                                 const lines = raw.split(/\r?\n/).filter(l => l.trim().length > 0);
                                 for (const line of lines) {
                                     try {
@@ -179,6 +189,49 @@ class MetricsCollector {
         // Start periodic collection
         this.startCollection();
     }
+    formatPersistenceError(error) {
+        if (error instanceof Error) {
+            return error.stack ?? error.message;
+        }
+        return String(error);
+    }
+    recordPersistenceFailure(operation, error) {
+        this.persistenceHealth.degraded = true;
+        this.persistenceHealth.totalFailures += 1;
+        this.persistenceHealth.lastError = this.formatPersistenceError(error);
+        this.persistenceHealth.lastFailureAt = Date.now();
+        if (operation === 'append') {
+            this.persistenceHealth.appendFailures += 1;
+        }
+        else if (operation === 'truncate') {
+            this.persistenceHealth.truncateFailures += 1;
+        }
+        else {
+            this.persistenceHealth.snapshotFailures += 1;
+        }
+        if (this.persistenceHealth.totalFailures === 1 || this.persistenceHealth.lastRecoveredAt !== undefined) {
+            (0, logger_js_1.logWarn)('[MetricsCollector] Metrics persistence degraded; in-memory buffers will retry writes', {
+                operation,
+                error: this.persistenceHealth.lastError,
+                totalFailures: this.persistenceHealth.totalFailures,
+            });
+            this.persistenceHealth.lastRecoveredAt = undefined;
+        }
+    }
+    recordPersistenceRecovery(operation) {
+        if (!this.persistenceHealth.degraded)
+            return;
+        this.persistenceHealth.degraded = false;
+        this.persistenceHealth.lastError = undefined;
+        this.persistenceHealth.lastRecoveredAt = Date.now();
+        (0, logger_js_1.logInfo)('[MetricsCollector] Metrics persistence recovered', {
+            operation,
+            totalFailures: this.persistenceHealth.totalFailures,
+        });
+    }
+    getPersistenceHealth() {
+        return { ...this.persistenceHealth };
+    }
     /**
      * Record a tool call event
      */
@@ -225,10 +278,18 @@ class MetricsCollector {
                 this._pendingToolPersist++;
                 const dueTime = now - this._lastToolPersist > this.appendFlushMs;
                 if (this._pendingToolPersist >= this.appendChunkSize || dueTime) {
+                    const pendingAtSchedule = this._pendingToolPersist;
                     setTimeout(() => {
-                        this.toolCallEvents.saveToDisk().catch(() => { });
-                        this._lastToolPersist = Date.now();
-                        this._pendingToolPersist = 0;
+                        this.toolCallEvents.saveToDisk()
+                            .then(() => {
+                            this._lastToolPersist = Date.now();
+                            this._pendingToolPersist = Math.max(0, this._pendingToolPersist - pendingAtSchedule);
+                            this.recordPersistenceRecovery('snapshot');
+                        })
+                            .catch((error) => {
+                            this._pendingToolPersist = Math.max(this._pendingToolPersist, pendingAtSchedule);
+                            this.recordPersistenceFailure('snapshot', error);
+                        });
                     }, 0).unref?.();
                 }
             }
@@ -267,23 +328,54 @@ class MetricsCollector {
                 return;
             const toWrite = this.pendingAppendEvents.splice(0, this.pendingAppendEvents.length);
             const lines = toWrite.map(e => JSON.stringify(e)).join('\n') + '\n';
-            fs_1.default.promises.appendFile(this.appendLogPath, lines).catch(() => { });
-            this.lastAppendFlush = now;
-            // Periodic compaction: write full snapshot & truncate log
-            if ((now - this.lastAppendCompact) >= this.appendCompactMs || force) {
-                this.toolCallEvents.saveToDisk().catch(() => { });
-                this.lastAppendCompact = now;
+            const shouldCompact = (now - this.lastAppendCompact) >= this.appendCompactMs || force;
+            void fs_1.default.promises.appendFile(this.appendLogPath, lines)
+                .then(async () => {
+                this.lastAppendFlush = now;
+                if (!shouldCompact) {
+                    this.recordPersistenceRecovery('append');
+                    return;
+                }
+                try {
+                    await this.toolCallEvents.saveToDisk();
+                    this.lastAppendCompact = now;
+                }
+                catch (error) {
+                    this.recordPersistenceFailure('snapshot', error);
+                    return;
+                }
                 if (this.appendLogPath) {
-                    fs_1.default.promises.writeFile(this.appendLogPath, '').catch(() => { }); // truncate
+                    try {
+                        await fs_1.default.promises.writeFile(this.appendLogPath, '');
+                    }
+                    catch (error) {
+                        this.recordPersistenceFailure('truncate', error);
+                        return;
+                    }
                 }
-            }
+                this.recordPersistenceRecovery('append');
+            })
+                .catch((error) => {
+                this.pendingAppendEvents.unshift(...toWrite);
+                this.lastAppendFlush = 0;
+                this.recordPersistenceFailure('append', error);
+            });
+            // Periodic compaction: write full snapshot & truncate log
         }
         else {
             // snapshot mode manual force
             if (force) {
-                this.toolCallEvents.saveToDisk().catch(() => { });
-                this._lastToolPersist = now;
-                this._pendingToolPersist = 0;
+                const pendingAtForce = Math.max(this._pendingToolPersist, 1);
+                void this.toolCallEvents.saveToDisk()
+                    .then(() => {
+                    this._lastToolPersist = now;
+                    this._pendingToolPersist = Math.max(0, this._pendingToolPersist - pendingAtForce);
+                    this.recordPersistenceRecovery('snapshot');
+                })
+                    .catch((error) => {
+                    this._pendingToolPersist = Math.max(this._pendingToolPersist, pendingAtForce);
+                    this.recordPersistenceFailure('snapshot', error);
+                });
             }
         }
     }
@@ -430,12 +522,14 @@ class MetricsCollector {
                 fileCount: 0,
                 totalSizeKB: 0,
                 memorySnapshots: this.snapshots.length,
+                persistence: this.getPersistenceHealth(),
             };
         }
         const fileStats = await this.fileStorage.getStorageStats();
         return {
             ...fileStats,
             memorySnapshots: this.snapshots.length,
+            persistence: this.getPersistenceHealth(),
         };
     }
     /**
@@ -605,6 +699,7 @@ class MetricsCollector {
     getSystemHealth() {
         const cpu = (0, metricsAggregation_js_1.estimateCPUUsage)(this.snapshots.slice(-5));
         const memory = (0, metricsAggregation_js_1.estimateMemoryUsage)(this.connections.size, this.snapshots.length);
+        const baseStatus = (0, metricsAggregation_js_1.getOverallHealthStatus)(cpu, memory, (0, metricsAggregation_js_1.getErrorRate)(this.tools));
         return {
             cpuUsage: cpu,
             memoryUsage: memory,
@@ -612,7 +707,7 @@ class MetricsCollector {
             networkLatency: (0, metricsAggregation_js_1.getAverageResponseTime)(this.tools),
             uptime: Date.now() - this.startTime,
             lastHealthCheck: new Date(),
-            status: (0, metricsAggregation_js_1.getOverallHealthStatus)(cpu, memory, (0, metricsAggregation_js_1.getErrorRate)(this.tools)),
+            status: this.persistenceHealth.degraded && baseStatus === 'healthy' ? 'warning' : baseStatus,
         };
     }
     getDetailedPerformanceMetrics() {
@@ -765,7 +860,8 @@ class MetricsCollector {
         const data = {
             timestamp: Date.now(),
             currentSnapshot: this.getCurrentSnapshot(),
-            bufferStats: this.getBufferRingStats()
+            bufferStats: this.getBufferRingStats(),
+            persistence: this.getPersistenceHealth(),
         };
         const result = data;
         if (options.includeHistorical !== false) {

package/dist/dashboard/server/legacyDashboardHtml.js CHANGED Viewed

@@ -1,5 +1,4 @@
 "use strict";
-/* eslint-disable */
 /**
  * legacyDashboardHtml - generates the v1 legacy dashboard HTML page.
  * Extracted from DashboardServer.ts to keep the coordinator within line limits.
@@ -13,8 +12,14 @@ const legacyDashboardStyles_js_1 = require("./legacyDashboardStyles.js");
 // ---------------------------------------------------------------------------
 // stripGraphTab - removes graph-related markup when the graph feature is off
 // ---------------------------------------------------------------------------
+// NOTE: These regexes operate on dashboard HTML built in this module from
+// trusted constants — never on user input. The patterns are intentional
+// targeted strips (matching specific data-section, comment markers, and the
+// admin.graph.js script src) rather than a general HTML sanitizer.
+// CodeQL bad-tag-filter / incomplete-multi-character-sanitization queries
+// are suppressed for this file via .github/codeql/codeql-config.yml.
 function stripGraphTab(html) {
-    html = html.replace(/<button[^>]*data-section="graph"[^>]*>Graph<\/button>\s*/i, ""); // lgtm[js/incomplete-multi-character-sanitization] — stripping graph tab, not sanitization
+    html = html.replace(/<button[^>]*data-section="graph"[^>]*>Graph<\/button>\s*/i, "");
     html = html.replace(/<!--\s*Graph Section\s*-->[\s\S]*?(?=<!--\s*Configuration Section\s*-->)/i, "");
     html = html.replace(/<script[^>]*src="js\/admin\.graph\.js[^"]*"[^>]*><\/script>\s*/i, "");
     return html;

package/dist/dashboard/server/middleware/ensureLoadedMiddleware.d.ts CHANGED Viewed

@@ -22,4 +22,4 @@ export interface IndexLocals {
  * Middleware that eagerly loads the instruction index once per request.
  * Attach to any router whose handlers need index state.
  */
-export declare function ensureLoadedMiddleware(_req: Request, res: Response, next: NextFunction): void;
+export declare function ensureLoadedMiddleware(_req: Request, res: Response, next: NextFunction): Promise<void>;

package/dist/dashboard/server/middleware/ensureLoadedMiddleware.js CHANGED Viewed

@@ -18,7 +18,12 @@ const indexContext_js_1 = require("../../../services/indexContext.js");
  * Middleware that eagerly loads the instruction index once per request.
  * Attach to any router whose handlers need index state.
  */
-function ensureLoadedMiddleware(_req, res, next) {
-    res.locals.indexState = (0, indexContext_js_1.ensureLoaded)();
-    next();
+async function ensureLoadedMiddleware(_req, res, next) {
+    try {
+        res.locals.indexState = await (0, indexContext_js_1.ensureLoadedAsync)();
+        next();
+    }
+    catch (error) {
+        next(error);
+    }
 }

package/dist/dashboard/server/routes/admin.feedback.routes.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+/**
+ * Admin Feedback CRUD Routes — Human-operator management of persisted feedback entries.
+ *
+ * Routes:
+ *   GET    /admin/feedback       — list all entries
+ *   POST   /admin/feedback       — create a new entry
+ *   GET    /admin/feedback/:id   — get a single entry
+ *   PATCH  /admin/feedback/:id   — update entry fields (e.g., status)
+ *   DELETE /admin/feedback/:id   — remove an entry
+ *
+ * Storage: shared via src/services/feedbackStorage.ts (no I/O duplication with MCP layer).
+ * This surface is NOT the webhook/external-connector surface in api.feedback.routes.ts.
+ */
+import { Router } from 'express';
+export declare function createAdminFeedbackRoutes(): Router;

package/dist/dashboard/server/routes/admin.feedback.routes.js ADDED Viewed

@@ -0,0 +1,188 @@
+"use strict";
+/**
+ * Admin Feedback CRUD Routes — Human-operator management of persisted feedback entries.
+ *
+ * Routes:
+ *   GET    /admin/feedback       — list all entries
+ *   POST   /admin/feedback       — create a new entry
+ *   GET    /admin/feedback/:id   — get a single entry
+ *   PATCH  /admin/feedback/:id   — update entry fields (e.g., status)
+ *   DELETE /admin/feedback/:id   — remove an entry
+ *
+ * Storage: shared via src/services/feedbackStorage.ts (no I/O duplication with MCP layer).
+ * This surface is NOT the webhook/external-connector surface in api.feedback.routes.ts.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createAdminFeedbackRoutes = createAdminFeedbackRoutes;
+const express_1 = require("express");
+const adminAuth_js_1 = require("./adminAuth.js");
+const feedbackStorage_js_1 = require("../../../services/feedbackStorage.js");
+const auditLog_js_1 = require("../../../services/auditLog.js");
+const VALID_TYPES = new Set([
+    'issue', 'status', 'security', 'feature-request',
+    'bug-report', 'performance', 'usability', 'other',
+]);
+const VALID_SEVERITIES = new Set(['low', 'medium', 'high', 'critical']);
+const VALID_STATUSES = new Set(['new', 'acknowledged', 'in-progress', 'resolved', 'closed']);
+const MAX_TITLE_LENGTH = 200;
+const MAX_DESCRIPTION_LENGTH = 10_000;
+const MAX_TAGS = 10;
+function sanitizeTags(value) {
+    if (!Array.isArray(value))
+        return undefined;
+    const tags = value
+        .filter((tag) => typeof tag === 'string')
+        .map(tag => tag.trim())
+        .filter(Boolean)
+        .slice(0, MAX_TAGS);
+    return tags.length > 0 ? tags : undefined;
+}
+function createAdminFeedbackRoutes() {
+    const router = (0, express_1.Router)();
+    /** GET /admin/feedback — list all persisted feedback entries */
+    router.get('/admin/feedback', adminAuth_js_1.dashboardAdminAuth, (_req, res) => {
+        try {
+            const storage = (0, feedbackStorage_js_1.loadFeedbackStorage)();
+            res.json({
+                entries: storage.entries,
+                total: storage.entries.length,
+                lastUpdated: storage.lastUpdated,
+            });
+        }
+        catch (error) {
+            res.status(500).json({ error: 'Failed to load feedback entries', message: String(error) });
+        }
+    });
+    /** POST /admin/feedback — create a new feedback entry */
+    router.post('/admin/feedback', adminAuth_js_1.dashboardAdminAuth, (req, res) => {
+        try {
+            const body = req.body;
+            const { type, severity, title, description } = body;
+            if (!title || typeof title !== 'string' || !title.trim()) {
+                res.status(400).json({ error: 'Missing required field: title' });
+                return;
+            }
+            if (!type || !VALID_TYPES.has(String(type))) {
+                res.status(400).json({
+                    error: `Missing or invalid field: type. Must be one of: ${[...VALID_TYPES].join(', ')}`,
+                });
+                return;
+            }
+            if (!severity || !VALID_SEVERITIES.has(String(severity))) {
+                res.status(400).json({
+                    error: `Missing or invalid field: severity. Must be one of: ${[...VALID_SEVERITIES].join(', ')}`,
+                });
+                return;
+            }
+            const timestamp = new Date().toISOString();
+            const id = (0, feedbackStorage_js_1.generateFeedbackId)(String(type), timestamp);
+            const entry = {
+                id,
+                timestamp,
+                type: type,
+                severity: severity,
+                title: title.trim().slice(0, MAX_TITLE_LENGTH),
+                description: description ? String(description).slice(0, MAX_DESCRIPTION_LENGTH) : '',
+                status: 'new',
+            };
+            const tags = sanitizeTags(body.tags);
+            if (tags)
+                entry.tags = tags;
+            if (body.metadata && typeof body.metadata === 'object') {
+                entry.metadata = body.metadata;
+            }
+            const storage = (0, feedbackStorage_js_1.loadFeedbackStorage)();
+            storage.entries.push(entry);
+            (0, feedbackStorage_js_1.saveFeedbackStorage)(storage);
+            (0, auditLog_js_1.logAudit)('admin/feedback/create', [id], { title: entry.title, type: entry.type });
+            res.status(201).json(entry);
+        }
+        catch (error) {
+            res.status(500).json({ error: 'Failed to create feedback entry', message: String(error) });
+        }
+    });
+    /** GET /admin/feedback/:id — retrieve a single entry by id */
+    router.get('/admin/feedback/:id', adminAuth_js_1.dashboardAdminAuth, (req, res) => {
+        try {
+            const { id } = req.params;
+            const storage = (0, feedbackStorage_js_1.loadFeedbackStorage)();
+            const entry = storage.entries.find(e => e.id === id);
+            if (!entry) {
+                res.status(404).json({ error: `Feedback entry not found: ${id}` });
+                return;
+            }
+            res.json(entry);
+        }
+        catch (error) {
+            res.status(500).json({ error: 'Failed to get feedback entry', message: String(error) });
+        }
+    });
+    /** PATCH /admin/feedback/:id — update mutable fields on an entry */
+    router.patch('/admin/feedback/:id', adminAuth_js_1.dashboardAdminAuth, (req, res) => {
+        try {
+            const { id } = req.params;
+            const body = req.body;
+            const storage = (0, feedbackStorage_js_1.loadFeedbackStorage)();
+            const idx = storage.entries.findIndex(e => e.id === id);
+            if (idx === -1) {
+                res.status(404).json({ error: `Feedback entry not found: ${id}` });
+                return;
+            }
+            const entry = { ...storage.entries[idx] };
+            if (body.status !== undefined) {
+                if (!VALID_STATUSES.has(String(body.status))) {
+                    res.status(400).json({
+                        error: `Invalid status. Must be one of: ${[...VALID_STATUSES].join(', ')}`,
+                    });
+                    return;
+                }
+                entry.status = body.status;
+            }
+            if (body.title !== undefined && typeof body.title === 'string') {
+                entry.title = body.title.trim().slice(0, MAX_TITLE_LENGTH);
+            }
+            if (body.description !== undefined && typeof body.description === 'string') {
+                entry.description = body.description.slice(0, MAX_DESCRIPTION_LENGTH);
+            }
+            if (body.severity !== undefined) {
+                if (!VALID_SEVERITIES.has(String(body.severity))) {
+                    res.status(400).json({
+                        error: `Invalid severity. Must be one of: ${[...VALID_SEVERITIES].join(', ')}`,
+                    });
+                    return;
+                }
+                entry.severity = body.severity;
+            }
+            if (body.tags !== undefined) {
+                entry.tags = sanitizeTags(body.tags);
+            }
+            storage.entries[idx] = entry;
+            (0, feedbackStorage_js_1.saveFeedbackStorage)(storage);
+            (0, auditLog_js_1.logAudit)('admin/feedback/update', [id], { fields: Object.keys(body) });
+            res.json(entry);
+        }
+        catch (error) {
+            res.status(500).json({ error: 'Failed to update feedback entry', message: String(error) });
+        }
+    });
+    /** DELETE /admin/feedback/:id — remove an entry */
+    router.delete('/admin/feedback/:id', adminAuth_js_1.dashboardAdminAuth, (req, res) => {
+        try {
+            const { id } = req.params;
+            const storage = (0, feedbackStorage_js_1.loadFeedbackStorage)();
+            const idx = storage.entries.findIndex(e => e.id === id);
+            if (idx === -1) {
+                res.status(404).json({ error: `Feedback entry not found: ${id}` });
+                return;
+            }
+            storage.entries.splice(idx, 1);
+            (0, feedbackStorage_js_1.saveFeedbackStorage)(storage);
+            (0, auditLog_js_1.logAudit)('admin/feedback/delete', [id]);
+            res.status(200).json({ deleted: true, id });
+        }
+        catch (error) {
+            res.status(500).json({ error: 'Failed to delete feedback entry', message: String(error) });
+        }
+    });
+    return router;
+}