npm - @jsonstudio/rcc - Versions diffs - 0.89.1960 → 0.89.2195 - Mend

@jsonstudio/rcc 0.89.1960 → 0.89.2195

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (559) hide show

package/dist/server/runtime/http-server/index.js CHANGED Viewed

@@ -8,139 +8,29 @@
  * - 保持API兼容性
  */
 import express, {} from 'express';
-import * as fs from 'node:fs/promises';
-import path from 'node:path';
 import { ErrorHandlingCenter } from 'rcc-errorhandling';
-import { ProviderFactory } from '../../../providers/core/runtime/provider-factory.js';
 import { PipelineDebugLogger as PipelineDebugLoggerImpl } from '../../../modules/pipeline/utils/debug-logger.js';
-import { attachProviderRuntimeMetadata } from '../../../providers/core/runtime/provider-runtime-metadata.js';
-import { preloadAntigravityAliasUserAgents, primeAntigravityUserAgentVersion } from '../../../providers/auth/antigravity-user-agent.js';
-import { getAntigravityWarmupBlacklistDurationMs, isAntigravityWarmupEnabled, warmupCheckAntigravityAlias } from '../../../providers/auth/antigravity-warmup.js';
-import { shutdownCamoufoxLaunchers } from '../../../providers/core/config/camoufox-launcher.js';
 import { AuthFileResolver } from '../../../config/auth-file-resolver.js';
-import { buildProviderProfiles } from '../../../providers/profile/provider-profile-loader.js';
-import { isStageLoggingEnabled, logPipelineStage } from '../../utils/stage-logger.js';
+import { isStageLoggingEnabled } from '../../utils/stage-logger.js';
 import { registerApiKeyAuthMiddleware, registerDefaultMiddleware } from './middleware.js';
-import { registerHttpRoutes, registerOAuthPortalRoute } from './routes.js';
-import { mapProviderProtocol, normalizeProviderType, resolveProviderIdentity, asRecord } from './provider-utils.js';
+import { registerOAuthPortalRoute } from './routes.js';
 import { resolveRepoRoot } from './llmswitch-loader.js';
-import { enhanceProviderRequestId } from '../../utils/request-id-manager.js';
-import { convertProviderResponse as bridgeConvertProviderResponse, createSnapshotRecorder as bridgeCreateSnapshotRecorder, rebindResponsesConversationRequestId, extractSessionIdentifiersFromMetadata, bootstrapVirtualRouterConfig, getProviderSuccessCenter, getHubPipelineCtor, resolveClockConfigSnapshot, reserveClockDueTasks, commitClockDueReservation, clearClockTasksSnapshot } from '../../../modules/llmswitch/bridge.js';
-import { initializeRouteErrorHub, reportRouteError } from '../../../error-handling/route-error-hub.js';
-import { writeClientSnapshot } from '../../../providers/core/utils/snapshot-writer.js';
 import { createServerColoredLogger } from './colored-logger.js';
-import { formatValueForConsole } from '../../../utils/logger.js';
 import { QuietErrorHandlingCenter } from '../../../error-handling/quiet-error-handling-center.js';
-import { describeRetryReason, isNetworkTransportError, shouldRetryProviderError, waitBeforeRetry } from './executor-provider.js';
 import { ManagerDaemon } from '../../../manager/index.js';
-import { HealthManagerModule } from '../../../manager/modules/health/index.js';
-import { RoutingStateManagerModule } from '../../../manager/modules/routing/index.js';
-import { TokenManagerModule } from '../../../manager/modules/token/index.js';
 import { ensureServerScopedSessionDir } from './session-dir.js';
 import { canonicalizeServerId } from './server-id.js';
 import { StatsManager } from './stats-manager.js';
-import { loadRouteCodexConfig } from '../../../config/routecodex-config-loader.js';
-import { buildInfo } from '../../../build-info.js';
-import { getClockClientRegistry } from './clock-client-registry.js';
-import { toExactMatchClockConfig } from './clock-daemon-inject-config.js';
-import { isTmuxSessionAlive, killManagedTmuxSession } from './tmux-session-probe.js';
-import { terminateManagedClientProcess } from './managed-process-probe.js';
-import { recordHubShadowCompareDiff, resolveHubShadowCompareConfig, shouldRunHubShadowCompare } from './hub-shadow-compare.js';
-import { recordLlmsEngineShadowDiff, isLlmsEngineShadowEnabledForSubpath, resolveLlmsEngineShadowConfig, shouldRunLlmsEngineShadowForSubpath } from '../../../utils/llms-engine-shadow.js';
-import { resolveLlmswitchCoreVersion } from '../../../utils/runtime-versions.js';
-const DEFAULT_MAX_PROVIDER_ATTEMPTS = 6;
-const DEFAULT_ANTIGRAVITY_MAX_PROVIDER_ATTEMPTS = 20;
-const RETRYABLE_SSE_ERROR_CODE_HINTS = [
-    'internal_network_failure',
-    'network_error',
-    'api_connection_error',
-    'service_unavailable',
-    'internal_server_error',
-    'overloaded_error',
-    'rate_limit_error',
-    'request_timeout',
-    'timeout'
-];
-const RETRYABLE_SSE_MESSAGE_HINTS = [
-    'internal network failure',
-    'network failure',
-    'network error',
-    'temporarily unavailable',
-    'temporarily unreachable',
-    'upstream disconnected',
-    'connection reset',
-    'connection closed',
-    'timed out',
-    'timeout'
-];
-function firstNonEmptyString(candidates) {
-    for (const candidate of candidates) {
-        if (typeof candidate !== 'string') {
-            continue;
-        }
-        const trimmed = candidate.trim();
-        if (trimmed) {
-            return trimmed;
-        }
-    }
-    return undefined;
-}
-function firstFiniteNumber(candidates) {
-    for (const candidate of candidates) {
-        if (typeof candidate === 'number' && Number.isFinite(candidate)) {
-            return candidate;
-        }
-    }
-    return undefined;
-}
-function isRetryableSseWrapperError(message, errorCode, status) {
-    if (typeof status === 'number' && Number.isFinite(status)) {
-        if (status === 408 || status === 425 || status === 429 || status >= 500) {
-            return true;
-        }
-    }
-    const normalizedCode = typeof errorCode === 'string' ? errorCode.trim().toLowerCase() : '';
-    if (normalizedCode && RETRYABLE_SSE_ERROR_CODE_HINTS.some((hint) => normalizedCode.includes(hint))) {
-        return true;
-    }
-    const loweredMessage = message.toLowerCase();
-    return RETRYABLE_SSE_MESSAGE_HINTS.some((hint) => loweredMessage.includes(hint));
-}
-function resolveMaxProviderAttempts() {
-    const raw = String(process.env.ROUTECODEX_MAX_PROVIDER_ATTEMPTS || process.env.RCC_MAX_PROVIDER_ATTEMPTS || '')
-        .trim()
-        .toLowerCase();
-    const parsed = raw ? Number.parseInt(raw, 10) : NaN;
-    const candidate = Number.isFinite(parsed) ? parsed : DEFAULT_MAX_PROVIDER_ATTEMPTS;
-    return Math.max(1, Math.min(20, candidate));
-}
-function resolveAntigravityMaxProviderAttempts() {
-    const raw = String(process.env.ROUTECODEX_ANTIGRAVITY_MAX_PROVIDER_ATTEMPTS || process.env.RCC_ANTIGRAVITY_MAX_PROVIDER_ATTEMPTS || '')
-        .trim()
-        .toLowerCase();
-    const parsed = raw ? Number.parseInt(raw, 10) : NaN;
-    const candidate = Number.isFinite(parsed) ? parsed : DEFAULT_ANTIGRAVITY_MAX_PROVIDER_ATTEMPTS;
-    return Math.max(1, Math.min(60, candidate));
-}
-function isAntigravityProviderKey(providerKey) {
-    return typeof providerKey === 'string' && providerKey.startsWith('antigravity.');
-}
-function extractStatusCodeFromError(err) {
-    if (!err || typeof err !== 'object')
-        return undefined;
-    const direct = err.statusCode;
-    if (typeof direct === 'number')
-        return direct;
-    const nested = err.status;
-    if (typeof nested === 'number')
-        return nested;
-    return undefined;
-}
-/**
- * RouteCodex Server V2
- *
- * 与V1完全并行实现，集成系统hooks
- */
+import { resolveHubShadowCompareConfig } from './hub-shadow-compare.js';
+import { resolveLlmsEngineShadowConfig } from '../../../utils/llms-engine-shadow.js';
+import { createRequestExecutor } from './request-executor.js';
+import { startClockReaper, stopClockReaper } from './clock-client-reaper.js';
+import { resolveVirtualRouterInput, getModuleDependencies, registerDaemonAdminUiRoute, getErrorHandlingShim, createDebugCenterShim, updateProviderProfiles, ensureProviderProfilesFromUserConfig, tryBuildProfiles, findProviderProfile, applyProviderProfileOverrides, canonicalizeRuntimeProvider, logStage, extractProviderModel, buildProviderLabel, normalizeAuthType, resolveSecretValue, isSafeSecretReference, bootstrapVirtualRouter, ensureHubPipelineCtor, ensureHubPipelineEngineShadow, isPipelineReady, waitForRuntimeReady, isQuotaRoutingEnabled, shouldStartManagerDaemon, initializeRouteErrorHub } from './http-server-bootstrap.js';
+import { shouldEnableClockDaemonInjectLoop, resolveRawClockConfig, stopClockDaemonInjectLoop, startClockDaemonInjectLoop, tickClockDaemonInjectLoop } from './http-server-clock-daemon.js';
+import { setupRuntime } from './http-server-runtime-setup.js';
+import { initializeProviderRuntimes, createProviderHandle, materializeRuntimeProfile, normalizeRuntimeBaseUrl, resolveRuntimeAuth, resolveApiKeyValue, isLocalBaseUrl, disposeProviders } from './http-server-runtime-providers.js';
+import { initializeHttpServer, restartRuntimeFromDisk, startHttpServer, stopHttpServer, getHttpServerStatus, getHttpServerConfig, isHttpServerInitialized, isHttpServerRunning, handleHttpServerError, initializeWithUserConfig, reloadHttpServerRuntime, buildHttpHandlerContext } from './http-server-lifecycle.js';
+import { executePipelineViaLegacyOverride } from './http-server-legacy-pipeline.js';
 export class RouteCodexHttpServer {
     app;
     server;
@@ -149,11 +39,12 @@ export class RouteCodexHttpServer {
     errorHandling;
     _isInitialized = false;
     _isRunning = false;
-    // Runtime state
     hubPipeline = null;
     providerHandles = new Map();
     providerKeyToRuntimeKey = new Map();
     providerRuntimeInitErrors = new Map();
+    runtimeKeyCredentialSkipped = new Set();
+    startupExcludedProviderKeys = new Set();
     pipelineLogger = createNoopPipelineLogger();
     authResolver = new AuthFileResolver();
     userConfig = {};
@@ -182,14 +73,15 @@ export class RouteCodexHttpServer {
     clockDaemonInjectTimer = null;
     clockDaemonInjectTickInFlight = false;
     lastClockDaemonInjectErrorAtMs = 0;
+    clockDaemonInjectSkipLogByKey = new Map();
     lastClockDaemonCleanupAtMs = 0;
+    requestExecutor;
     constructor(config) {
         this.config = config;
         this.app = express();
         this.errorHandling = new QuietErrorHandlingCenter();
         this.stageLoggingEnabled = isStageLoggingEnabled();
         this.repoRoot = resolveRepoRoot(import.meta.url);
-        // Ensure session-scoped routing state does not leak across server instances.
         ensureServerScopedSessionDir(canonicalizeServerId(this.config.server.host, this.config.server.port));
         try {
             this.pipelineLogger = new PipelineDebugLoggerImpl({ colored: this.coloredLogger }, { enableConsoleLogging: true });
@@ -202,8 +94,28 @@ export class RouteCodexHttpServer {
             this.runtimeReadyResolve = resolve;
             this.runtimeReadyReject = reject;
         });
-        // Register critical routes early (before provider initialization)
-        // This ensures OAuth Portal is available when providers check token validity
+        this.requestExecutor = createRequestExecutor({
+            runtimeManager: {
+                resolveRuntimeKey: (providerKey, fallback) => {
+                    if (providerKey && this.providerKeyToRuntimeKey.has(providerKey)) {
+                        return this.providerKeyToRuntimeKey.get(providerKey);
+                    }
+                    return fallback;
+                },
+                getHandleByRuntimeKey: (runtimeKey) => {
+                    if (!runtimeKey) {
+                        return undefined;
+                    }
+                    return this.providerHandles.get(runtimeKey);
+                }
+            },
+            getHubPipeline: () => this.hubPipeline,
+            getModuleDependencies: () => this.getModuleDependencies(),
+            logStage: (stage, requestId, details) => {
+                this.logStage(stage, requestId, details);
+            },
+            stats: this.stats
+        });
         registerApiKeyAuthMiddleware(this.app, this.config);
         registerDefaultMiddleware(this.app);
         registerOAuthPortalRoute(this.app);
@@ -212,2558 +124,168 @@ export class RouteCodexHttpServer {
         console.log('[RouteCodexHttpServer] Initialized (pipeline=hub)');
     }
     resolveVirtualRouterInput(userConfig) {
-        if (userConfig?.virtualrouter && typeof userConfig.virtualrouter === 'object') {
-            return userConfig.virtualrouter;
-        }
-        return userConfig;
+        return resolveVirtualRouterInput(this, userConfig);
     }
     getModuleDependencies() {
-        if (!this.moduleDependencies) {
-            this.moduleDependencies = {
-                errorHandlingCenter: this.getErrorHandlingShim(),
-                debugCenter: this.createDebugCenterShim(),
-                logger: this.pipelineLogger
-            };
-        }
-        return this.moduleDependencies;
+        return getModuleDependencies(this);
     }
-    /**
-     * Register Daemon Admin UI route.
-     * Serves docs/daemon-admin-ui.html as a static page.
-     * Note: daemon-admin UI/API now uses password login (stored at ~/.routecodex/login) instead of httpserver.apikey.
-     */
     registerDaemonAdminUiRoute() {
-        this.app.get('/daemon/admin', async (req, res) => {
-            try {
-                const fs = await import('node:fs/promises');
-                let html = '';
-                try {
-                    const filePath = new URL('../../../../docs/daemon-admin-ui.html', import.meta.url);
-                    html = await fs.readFile(filePath, 'utf8');
-                }
-                catch {
-                    // build output reads from dist/docs; fallback to cwd/docs for dev runners
-                    const path = await import('node:path');
-                    const fallback = path.join(process.cwd(), 'docs', 'daemon-admin-ui.html');
-                    html = await fs.readFile(fallback, 'utf8');
-                }
-                res.setHeader('Content-Type', 'text/html; charset=utf-8');
-                // Avoid stale admin UI in browsers / proxies after upgrades.
-                res.setHeader('Cache-Control', 'no-store, max-age=0');
-                res.setHeader('Pragma', 'no-cache');
-                res.setHeader('X-RouteCodex-Version', buildInfo?.version ? String(buildInfo.version) : String(process.env.ROUTECODEX_VERSION || 'dev'));
-                res.send(html);
-            }
-            catch (error) {
-                const message = error instanceof Error ? error.message : String(error);
-                res.status(500).json({
-                    error: {
-                        message: `Daemon admin UI not available: ${message}`
-                    }
-                });
-            }
-        });
+        registerDaemonAdminUiRoute(this);
     }
     getErrorHandlingShim() {
-        if (!this.errorHandlingShim) {
-            this.errorHandlingShim = {
-                handleError: async (errorPayload, contextPayload) => {
-                    const sanitizedError = formatErrorForErrorCenter(errorPayload);
-                    const sanitizedContext = formatErrorForErrorCenter(contextPayload);
-                    await this.errorHandling.handleError({
-                        error: sanitizedError,
-                        source: 'pipeline',
-                        severity: 'medium',
-                        timestamp: Date.now(),
-                        context: sanitizedContext
-                    });
-                },
-                createContext: () => ({}),
-                getStatistics: () => ({})
-            };
-        }
-        return this.errorHandlingShim;
+        return getErrorHandlingShim(this);
     }
     createDebugCenterShim() {
-        return {
-            logDebug: () => { },
-            logError: () => { },
-            logModule: () => { },
-            processDebugEvent: () => { },
-            getLogs: () => []
-        };
+        return createDebugCenterShim();
     }
     updateProviderProfiles(collection, rawConfig) {
-        this.providerProfileIndex.clear();
-        const source = collection ?? this.tryBuildProfiles(rawConfig);
-        if (!source) {
-            return;
-        }
-        for (const profile of source.profiles) {
-            if (profile && typeof profile.id === 'string' && profile.id.trim()) {
-                this.providerProfileIndex.set(profile.id.trim(), profile);
-            }
-        }
+        updateProviderProfiles(this, collection, rawConfig);
     }
     ensureProviderProfilesFromUserConfig() {
-        if (this.providerProfileIndex.size > 0) {
-            return;
-        }
-        const fallback = this.tryBuildProfiles(this.userConfig);
-        if (!fallback) {
-            return;
-        }
-        for (const profile of fallback.profiles) {
-            if (profile && typeof profile.id === 'string' && profile.id.trim()) {
-                this.providerProfileIndex.set(profile.id.trim(), profile);
-            }
-        }
+        ensureProviderProfilesFromUserConfig(this);
     }
     tryBuildProfiles(config) {
-        if (!config) {
-            return null;
-        }
-        try {
-            return buildProviderProfiles(config);
-        }
-        catch {
-            return null;
-        }
+        return tryBuildProfiles(config);
     }
     findProviderProfile(runtime) {
-        const candidates = new Set();
-        const pushCandidate = (value) => {
-            if (typeof value === 'string' && value.trim()) {
-                candidates.add(value.trim());
-            }
-        };
-        pushCandidate(runtime.providerId);
-        if (runtime.providerKey && runtime.providerKey.includes('.')) {
-            pushCandidate(runtime.providerKey.split('.')[0]);
-        }
-        if (runtime.runtimeKey && runtime.runtimeKey.includes('.')) {
-            pushCandidate(runtime.runtimeKey.split('.')[0]);
-        }
-        for (const candidate of candidates) {
-            const profile = this.providerProfileIndex.get(candidate);
-            if (profile) {
-                return profile;
-            }
-        }
-        return undefined;
+        return findProviderProfile(this, runtime);
     }
     applyProviderProfileOverrides(runtime) {
-        const profile = this.findProviderProfile(runtime);
-        if (!profile) {
-            return this.canonicalizeRuntimeProvider(runtime);
-        }
-        const patched = { ...runtime };
-        const originalFamily = patched.providerFamily || patched.providerType;
-        patched.providerFamily = originalFamily;
-        patched.providerType = profile.protocol;
-        if (profile.moduleType && profile.moduleType.trim()) {
-            patched.providerModule = profile.moduleType.trim();
-        }
-        if (!patched.baseUrl && profile.transport.baseUrl) {
-            patched.baseUrl = profile.transport.baseUrl;
-        }
-        if (!patched.endpoint && profile.transport.endpoint) {
-            patched.endpoint = profile.transport.endpoint;
-        }
-        if (!patched.headers && profile.transport.headers) {
-            patched.headers = profile.transport.headers;
-        }
-        if (patched.timeoutMs === undefined && typeof profile.transport.timeoutMs === 'number') {
-            patched.timeoutMs = profile.transport.timeoutMs;
-        }
-        if (patched.maxRetries === undefined && typeof profile.transport.maxRetries === 'number') {
-            patched.maxRetries = profile.transport.maxRetries;
-        }
-        if (!patched.compatibilityProfile && profile.compatibilityProfile) {
-            patched.compatibilityProfile = profile.compatibilityProfile;
-        }
-        if (!patched.defaultModel && profile.metadata?.defaultModel) {
-            patched.defaultModel = profile.metadata.defaultModel;
-        }
-        if (!patched.deepseek && profile.metadata?.deepseek) {
-            patched.deepseek = profile.metadata.deepseek;
-        }
-        return this.canonicalizeRuntimeProvider(patched);
+        return applyProviderProfileOverrides(this, runtime);
     }
     canonicalizeRuntimeProvider(runtime) {
-        const { providerType, providerFamily } = resolveProviderIdentity(runtime.providerType, runtime.providerFamily);
-        return {
-            ...runtime,
-            providerType: providerType,
-            providerFamily
-        };
+        return canonicalizeRuntimeProvider(runtime);
     }
     logStage(stage, requestId, details) {
-        if (!this.stageLoggingEnabled) {
-            return;
-        }
-        logPipelineStage(stage, requestId, details);
+        logStage(this, stage, requestId, details);
     }
     extractProviderModel(payload) {
-        if (!payload) {
-            return undefined;
-        }
-        const source = payload.data && typeof payload.data === 'object'
-            ? payload.data
-            : payload;
-        const raw = source.model;
-        if (typeof raw === 'string' && raw.trim()) {
-            return raw.trim();
-        }
-        return undefined;
+        return extractProviderModel(this, payload);
     }
     buildProviderLabel(providerKey, model) {
-        const key = typeof providerKey === 'string' && providerKey.trim() ? providerKey.trim() : undefined;
-        const modelId = typeof model === 'string' && model.trim() ? model.trim() : undefined;
-        if (!key && !modelId) {
-            return undefined;
-        }
-        if (key && modelId) {
-            return `${key}.${modelId}`;
-        }
-        return key || modelId;
+        return buildProviderLabel(this, providerKey, model);
     }
     normalizeAuthType(input) {
-        const value = typeof input === 'string' ? input.toLowerCase() : '';
-        if (value.includes('oauth')) {
-            return 'oauth';
-        }
-        return 'apikey';
+        return normalizeAuthType(this, input);
     }
     async resolveSecretValue(raw) {
-        if (!raw) {
-            throw new Error('Secret reference is required but missing');
-        }
-        const trimmed = raw.trim();
-        const envMatch = trimmed.match(/^\$\{([A-Z0-9_]+)\}$/i);
-        if (envMatch) {
-            const envValue = process.env[envMatch[1]];
-            if (!envValue) {
-                throw new Error(`Environment variable ${envMatch[1]} is not defined`);
-            }
-            return envValue;
-        }
-        if (/^[A-Z][A-Z0-9_]+$/.test(trimmed)) {
-            const envValue = process.env[trimmed];
-            if (!envValue) {
-                throw new Error(`Environment variable ${trimmed} is not defined`);
-            }
-            return envValue;
-        }
-        if (trimmed.startsWith('authfile-')) {
-            return await this.authResolver.resolveKey(trimmed);
-        }
-        return trimmed;
+        return await resolveSecretValue(this, raw);
     }
     isSafeSecretReference(value) {
-        const trimmed = value.trim();
-        if (!trimmed) {
-            return false;
-        }
-        if (trimmed.startsWith('authfile-')) {
-            return true;
-        }
-        if (/^\$\{[A-Z0-9_]+\}$/i.test(trimmed)) {
-            return true;
-        }
-        if (/^[A-Z][A-Z0-9_]+$/.test(trimmed)) {
-            return true;
-        }
-        return false;
+        return isSafeSecretReference(this, value);
     }
     async bootstrapVirtualRouter(input) {
-        const artifacts = (await bootstrapVirtualRouterConfig(input));
-        return artifacts;
+        return await bootstrapVirtualRouter(this, input);
     }
     async ensureHubPipelineCtor() {
-        if (this.hubPipelineCtor) {
-            return this.hubPipelineCtor;
-        }
-        const ctorFactory = await getHubPipelineCtor();
-        this.hubPipelineCtor = ctorFactory;
-        return this.hubPipelineCtor;
+        return await ensureHubPipelineCtor(this);
     }
     async ensureHubPipelineEngineShadow() {
-        if (this.hubPipelineEngineShadow) {
-            return this.hubPipelineEngineShadow;
-        }
-        if (!this.hubPipelineConfigForShadow) {
-            throw new Error('Hub pipeline shadow config is not initialized');
-        }
-        const baseConfig = this.hubPipelineConfigForShadow;
-        const shadowConfig = { ...baseConfig };
-        // Avoid double side effects when shadow-running the pipeline: keep reads, drop writes.
-        const routingStateStore = baseConfig.routingStateStore;
-        if (routingStateStore && typeof routingStateStore.loadSync === 'function') {
-            shadowConfig.routingStateStore = {
-                loadSync: routingStateStore.loadSync.bind(routingStateStore),
-                saveAsync: () => { }
-            };
-        }
-        const healthStore = baseConfig.healthStore;
-        if (healthStore && typeof healthStore.loadInitialSnapshot === 'function') {
-            shadowConfig.healthStore = {
-                loadInitialSnapshot: healthStore.loadInitialSnapshot.bind(healthStore)
-            };
-        }
-        const quotaViewReadOnly = baseConfig.quotaViewReadOnly;
-        if (typeof quotaViewReadOnly === 'function') {
-            shadowConfig.quotaView = quotaViewReadOnly;
-        }
-        const bridge = (await import('../../../modules/llmswitch/bridge.js'));
-        const getCtor = bridge.getHubPipelineCtorForImpl;
-        if (typeof getCtor !== 'function') {
-            throw new Error('llmswitch bridge does not expose getHubPipelineCtorForImpl');
-        }
-        const ctorFactory = await getCtor('engine');
-        const hubCtor = ctorFactory;
-        if (!('virtualRouter' in shadowConfig)) {
-            throw new Error('HubPipeline shadow config missing virtualRouter');
-        }
-        this.hubPipelineEngineShadow = new hubCtor(shadowConfig);
-        return this.hubPipelineEngineShadow;
+        return await ensureHubPipelineEngineShadow(this);
     }
     isPipelineReady() {
-        return Boolean(this.hubPipeline);
+        return isPipelineReady(this);
     }
     async waitForRuntimeReady() {
-        if (this.runtimeReadyResolved) {
-            return;
-        }
-        if (this.runtimeReadyError) {
-            throw this.runtimeReadyError;
-        }
-        const raw = String(process.env.ROUTECODEX_STARTUP_HOLD_MS || process.env.RCC_STARTUP_HOLD_MS || '').trim();
-        const parsed = raw ? Number.parseInt(raw, 10) : NaN;
-        const timeoutMs = Number.isFinite(parsed) && parsed > 0 ? parsed : 120_000;
-        const timeoutPromise = new Promise((_resolve, reject) => {
-            const timer = setTimeout(() => reject(new Error(`startup timeout after ${timeoutMs}ms`)), timeoutMs);
-            try {
-                timer.unref?.();
-            }
-            catch {
-                // ignore
-            }
-        });
-        await Promise.race([this.runtimeReadyPromise, timeoutPromise]);
+        await waitForRuntimeReady(this);
     }
     isQuotaRoutingEnabled() {
-        const flag = this.config.server.quotaRoutingEnabled;
-        if (typeof flag === 'boolean') {
-            return flag;
-        }
-        return true;
+        return isQuotaRoutingEnabled(this);
     }
     shouldStartManagerDaemon() {
-        const mockFlag = String(process.env.ROUTECODEX_USE_MOCK || '').trim();
-        if (mockFlag === '1' || mockFlag.toLowerCase() === 'true') {
-            return false;
-        }
-        if (process.env.ROUTECODEX_MOCK_CONFIG_PATH || process.env.ROUTECODEX_MOCK_SAMPLES_DIR) {
-            return false;
-        }
-        return true;
+        return shouldStartManagerDaemon(this);
     }
     shouldEnableClockDaemonInjectLoop() {
-        const raw = String(process.env.ROUTECODEX_CLOCK_DAEMON_INJECT_ENABLE || process.env.RCC_CLOCK_DAEMON_INJECT_ENABLE || '').trim().toLowerCase();
-        if (raw === '0' || raw === 'false' || raw === 'off' || raw === 'no') {
-            return false;
-        }
-        if (raw === '1' || raw === 'true' || raw === 'on' || raw === 'yes') {
-            return true;
-        }
-        if (process.env.JEST_WORKER_ID || process.env.NODE_ENV === 'test') {
-            return false;
-        }
-        return true;
+        return shouldEnableClockDaemonInjectLoop();
     }
     resolveRawClockConfig() {
-        const user = this.userConfig && typeof this.userConfig === 'object' ? this.userConfig : {};
-        const vr = user.virtualrouter && typeof user.virtualrouter === 'object' ? user.virtualrouter : null;
-        if (vr && Object.prototype.hasOwnProperty.call(vr, 'clock')) {
-            return vr.clock;
-        }
-        if (Object.prototype.hasOwnProperty.call(user, 'clock')) {
-            return user.clock;
-        }
-        const artCfg = this.currentRouterArtifacts &&
-            this.currentRouterArtifacts.config &&
-            typeof this.currentRouterArtifacts.config === 'object'
-            ? this.currentRouterArtifacts.config
-            : null;
-        if (artCfg && Object.prototype.hasOwnProperty.call(artCfg, 'clock')) {
-            return artCfg.clock;
-        }
-        return undefined;
+        return resolveRawClockConfig(this);
     }
     stopClockDaemonInjectLoop() {
-        if (this.clockDaemonInjectTimer) {
-            clearInterval(this.clockDaemonInjectTimer);
-            this.clockDaemonInjectTimer = null;
-        }
+        stopClockDaemonInjectLoop(this);
     }
     startClockDaemonInjectLoop() {
-        this.stopClockDaemonInjectLoop();
-        if (!this.shouldEnableClockDaemonInjectLoop()) {
-            return;
-        }
-        const rawTick = String(process.env.ROUTECODEX_CLOCK_DAEMON_INJECT_TICK_MS || process.env.RCC_CLOCK_DAEMON_INJECT_TICK_MS || '').trim();
-        const parsedTick = rawTick ? Number.parseInt(rawTick, 10) : NaN;
-        const tickMs = Number.isFinite(parsedTick) && parsedTick >= 200 ? Math.floor(parsedTick) : 1500;
-        this.clockDaemonInjectTimer = setInterval(() => {
-            void this.tickClockDaemonInjectLoop();
-        }, tickMs);
-        this.clockDaemonInjectTimer.unref?.();
-        void this.tickClockDaemonInjectLoop();
+        startClockDaemonInjectLoop(this);
     }
     async tickClockDaemonInjectLoop() {
-        if (this.clockDaemonInjectTickInFlight) {
-            return;
-        }
-        this.clockDaemonInjectTickInFlight = true;
-        try {
-            const rawClockConfig = this.resolveRawClockConfig();
-            const resolvedClockConfig = await resolveClockConfigSnapshot(rawClockConfig);
-            if (!resolvedClockConfig) {
-                return;
-            }
-            const clockConfig = toExactMatchClockConfig(resolvedClockConfig);
-            const sessionDir = String(process.env.ROUTECODEX_SESSION_DIR || '').trim();
-            const clockDir = sessionDir ? path.join(sessionDir, 'clock') : '';
-            const entries = clockDir
-                ? await fs.readdir(clockDir, { withFileTypes: true }).catch(() => [])
-                : [];
-            const registry = getClockClientRegistry();
-            const now = Date.now();
-            const cleanupRequestId = `clock_cleanup_${now}_${Math.random().toString(16).slice(2, 8)}`;
-            const staleCleanup = registry.cleanupStaleHeartbeats({
-                nowMs: now,
-                terminateManagedTmuxSession: (tmuxSessionId) => killManagedTmuxSession(tmuxSessionId),
-                terminateManagedClientProcess: (processInfo) => terminateManagedClientProcess(processInfo)
-            });
-            const deadTmuxCleanup = registry.cleanupDeadTmuxSessions({
-                isTmuxSessionAlive,
-                terminateManagedTmuxSession: (tmuxSessionId) => killManagedTmuxSession(tmuxSessionId),
-                terminateManagedClientProcess: (processInfo) => terminateManagedClientProcess(processInfo)
-            });
-            const removedConversationSessionIds = Array.from(new Set([
-                ...staleCleanup.removedConversationSessionIds,
-                ...deadTmuxCleanup.removedConversationSessionIds
-            ]));
-            if (removedConversationSessionIds.length > 0) {
-                for (const removedConversationSessionId of removedConversationSessionIds) {
-                    await clearClockTasksSnapshot({
-                        sessionId: removedConversationSessionId,
-                        config: clockConfig
-                    });
-                }
-            }
-            const hasCleanupActions = staleCleanup.removedDaemonIds.length > 0
-                || deadTmuxCleanup.removedDaemonIds.length > 0;
-            if (hasCleanupActions && Date.now() - this.lastClockDaemonCleanupAtMs > 2000) {
-                this.lastClockDaemonCleanupAtMs = Date.now();
-                console.log('[RouteCodexHttpServer] clock daemon cleanup audit:', {
-                    requestId: cleanupRequestId,
-                    staleHeartbeat: {
-                        reason: 'heartbeat_timeout',
-                        staleAfterMs: staleCleanup.staleAfterMs,
-                        removedDaemonIds: staleCleanup.removedDaemonIds,
-                        removedTmuxSessionIds: staleCleanup.removedTmuxSessionIds,
-                        removedConversationSessionIds: staleCleanup.removedConversationSessionIds,
-                        killedTmuxSessionIds: staleCleanup.killedTmuxSessionIds,
-                        failedKillTmuxSessionIds: staleCleanup.failedKillTmuxSessionIds,
-                        skippedKillTmuxSessionIds: staleCleanup.skippedKillTmuxSessionIds,
-                        killedManagedClientPids: staleCleanup.killedManagedClientPids,
-                        failedKillManagedClientPids: staleCleanup.failedKillManagedClientPids,
-                        skippedKillManagedClientPids: staleCleanup.skippedKillManagedClientPids
-                    },
-                    deadTmux: {
-                        reason: 'tmux_not_alive',
-                        removedDaemonIds: deadTmuxCleanup.removedDaemonIds,
-                        removedTmuxSessionIds: deadTmuxCleanup.removedTmuxSessionIds,
-                        removedConversationSessionIds: deadTmuxCleanup.removedConversationSessionIds,
-                        killedTmuxSessionIds: deadTmuxCleanup.killedTmuxSessionIds,
-                        failedKillTmuxSessionIds: deadTmuxCleanup.failedKillTmuxSessionIds,
-                        skippedKillTmuxSessionIds: deadTmuxCleanup.skippedKillTmuxSessionIds,
-                        killedManagedClientPids: deadTmuxCleanup.killedManagedClientPids,
-                        failedKillManagedClientPids: deadTmuxCleanup.failedKillManagedClientPids,
-                        skippedKillManagedClientPids: deadTmuxCleanup.skippedKillManagedClientPids
-                    }
-                });
-            }
-            for (const entry of entries) {
-                if (!entry || typeof entry.name !== 'string') {
-                    continue;
-                }
-                if (!entry.name.endsWith('.json')) {
-                    continue;
-                }
-                if (typeof entry.isFile === 'function' && !entry.isFile()) {
-                    continue;
-                }
-                const sessionId = entry.name.slice(0, -'.json'.length).trim();
-                if (!sessionId) {
-                    continue;
-                }
-                const reservationId = 'clockd_inject_' + now + '_' + Math.random().toString(16).slice(2, 8);
-                const reserved = await reserveClockDueTasks({
-                    reservationId,
-                    sessionId,
-                    config: clockConfig,
-                    requestId: reservationId
-                });
-                if (!reserved || !reserved.reservation || typeof reserved.injectText !== 'string' || !reserved.injectText.trim()) {
-                    continue;
-                }
-                const bind = registry.bindConversationSession({ conversationSessionId: sessionId });
-                const text = [
-                    '[Clock Reminder]: scheduled tasks are due.',
-                    reserved.injectText.trim(),
-                    'You may call tools to complete these tasks.',
-                    'MANDATORY: if waiting is needed, use the clock tool to schedule wake-up (clock.schedule) now; do not only promise to wait.'
-                ].join('\n');
-                const injected = await registry.inject({
-                    sessionId,
-                    text,
-                    requestId: reservationId,
-                    source: 'clock.daemon.inject'
-                });
-                if (!injected.ok) {
-                    const nowWarn = Date.now();
-                    if (nowWarn - this.lastClockDaemonInjectErrorAtMs > 5000) {
-                        this.lastClockDaemonInjectErrorAtMs = nowWarn;
-                        console.warn('[RouteCodexHttpServer] clock daemon inject skipped:', {
-                            sessionId,
-                            injectReason: injected.reason,
-                            bindOk: bind.ok,
-                            bindReason: bind.reason
-                        });
-                    }
-                    continue;
-                }
-                await commitClockDueReservation({
-                    reservation: reserved.reservation,
-                    config: clockConfig
-                });
-            }
-        }
-        catch (error) {
-            const now = Date.now();
-            if (now - this.lastClockDaemonInjectErrorAtMs > 5000) {
-                this.lastClockDaemonInjectErrorAtMs = now;
-                console.warn('[RouteCodexHttpServer] clock daemon inject loop tick failed:', error);
-            }
-        }
-        finally {
-            this.clockDaemonInjectTickInFlight = false;
-        }
+        await tickClockDaemonInjectLoop(this);
     }
-    /**
-     * 初始化服务器
-     */
     async initialize() {
-        try {
-            console.log('[RouteCodexHttpServer] Starting initialization...');
-            // 初始化错误处理
-            await this.errorHandling.initialize();
-            await this.initializeRouteErrorHub();
-            // 初始化 ManagerDaemon 骨架（当前模块为占位实现，不改变行为）
-            // Mock regressions run many short-lived servers; skip daemon to avoid flakiness from lingering background tasks.
-            if (this.shouldStartManagerDaemon() && !this.managerDaemon) {
-                const serverId = canonicalizeServerId(this.config.server.host, this.config.server.port);
-                const daemon = new ManagerDaemon({ serverId, quotaRoutingEnabled: this.isQuotaRoutingEnabled() });
-                daemon.registerModule(new TokenManagerModule());
-                daemon.registerModule(new RoutingStateManagerModule());
-                daemon.registerModule(new HealthManagerModule());
-                // Quota manager（当前仅用于 antigravity/gemini-cli 等需要配额信息的 Provider）
-                try {
-                    const mod = (await import('../../../manager/modules/quota/index.js'));
-                    if (typeof mod.QuotaManagerModule === 'function') {
-                        daemon.registerModule(new mod.QuotaManagerModule());
-                    }
-                }
-                catch {
-                    // 可选模块，缺失时忽略
-                }
-                await daemon.start();
-                this.managerDaemon = daemon;
-            }
-            // registerDefaultMiddleware and registerOAuthPortalRoute already called in constructor
-            // Register remaining HTTP routes
-            registerHttpRoutes({
-                app: this.app,
-                config: this.config,
-                buildHandlerContext: () => this.buildHandlerContext(),
-                getPipelineReady: () => this.isPipelineReady(),
-                waitForPipelineReady: async () => await this.waitForRuntimeReady(),
-                handleError: (error, context) => this.handleError(error, context),
-                restartRuntimeFromDisk: async () => await this.restartRuntimeFromDisk(),
-                getHealthSnapshot: () => {
-                    const healthModule = this.managerDaemon?.getModule('health');
-                    return healthModule?.getCurrentSnapshot() ?? null;
-                },
-                getRoutingState: (sessionId) => {
-                    const routingModule = this.managerDaemon?.getModule('routing');
-                    const store = routingModule?.getRoutingStateStore();
-                    if (!store) {
-                        return null;
-                    }
-                    const key = sessionId && sessionId.trim() ? `session:${sessionId.trim()}` : '';
-                    return key ? store.loadSync(key) : null;
-                },
-                getManagerDaemon: () => this.managerDaemon,
-                getVirtualRouterArtifacts: () => this.currentRouterArtifacts,
-                getStatsSnapshot: () => ({
-                    session: this.stats.snapshot(Math.round(process.uptime() * 1000)),
-                    historical: this.stats.snapshotHistorical()
-                }),
-                getServerId: () => canonicalizeServerId(this.config.server.host, this.config.server.port)
-            });
-            this._isInitialized = true;
-            console.log('[RouteCodexHttpServer] Initialization completed successfully');
-        }
-        catch (error) {
-            await this.handleError(error, 'initialization');
-            throw error;
-        }
+        await initializeHttpServer(this);
     }
     async restartRuntimeFromDisk() {
-        // Serialize restarts to avoid racing provider disposals / hub updates.
-        const run = async () => {
-            const loaded = await loadRouteCodexConfig(this.config?.configPath);
-            const userConfig = asRecord(loaded.userConfig) ?? {};
-            const httpServerNode = asRecord(userConfig.httpserver) ??
-                asRecord(asRecord(userConfig.modules)?.httpserver)?.config ??
-                null;
-            const nextApiKey = httpServerNode ? (typeof httpServerNode.apikey === 'string' ? String(httpServerNode.apikey).trim() : '') : '';
-            const nextHost = httpServerNode ? (typeof httpServerNode.host === 'string' ? String(httpServerNode.host).trim() : '') : '';
-            const nextPort = httpServerNode ? (typeof httpServerNode.port === 'number' ? Number(httpServerNode.port) : NaN) : NaN;
-            const warnings = [];
-            // Best-effort: allow rotating apikey at runtime by mutating config object.
-            if (typeof nextApiKey === 'string' && nextApiKey !== String(this.config.server.apikey || '')) {
-                this.config.server.apikey = nextApiKey || undefined;
-            }
-            // host/port changes require rebind; record warnings but do not attempt to re-listen.
-            if (nextHost && nextHost !== this.config.server.host) {
-                warnings.push(`httpserver.host changed to "${nextHost}" but live server keeps "${this.config.server.host}" until process restart`);
-            }
-            if (Number.isFinite(nextPort) && nextPort > 0 && nextPort !== this.config.server.port) {
-                warnings.push(`httpserver.port changed to ${nextPort} but live server keeps ${this.config.server.port} until process restart`);
-            }
-            // Keep the server's configPath aligned with what was loaded.
-            this.config.configPath = loaded.configPath;
-            await this.reloadRuntime(loaded.userConfig, { providerProfiles: loaded.providerProfiles });
-            return { reloadedAt: Date.now(), configPath: loaded.configPath, ...(warnings.length ? { warnings } : {}) };
-        };
-        const slot = this.restartChain.then(run);
-        this.restartChain = slot.then(() => undefined, () => undefined);
-        return await slot;
+        return await restartRuntimeFromDisk(this);
     }
-    /**
-     * 启动服务器
-     */
     async start() {
-        if (!this._isInitialized) {
-            await this.initialize();
-        }
-        return new Promise((resolve, reject) => {
-            this.server = this.app.listen(this.config.server.port, this.config.server.host, () => {
-                this._isRunning = true;
-                const boundAddress = this.server?.address();
-                const resolvedPort = boundAddress && typeof boundAddress === 'object' && typeof boundAddress.port === 'number'
-                    ? boundAddress.port
-                    : this.config.server.port;
-                process.env.ROUTECODEX_SERVER_PORT = String(resolvedPort);
-                console.log(`[RouteCodexHttpServer] Server started on ${this.config.server.host}:${resolvedPort}`);
-                resolve();
-            });
-            // In test runners (Jest), prevent the listen handle from keeping the process alive
-            // in case some keep-alive sockets linger.
-            if (process.env.JEST_WORKER_ID || process.env.NODE_ENV === 'test') {
-                try {
-                    this.server.unref?.();
-                }
-                catch {
-                    // ignore
-                }
-            }
-            this.server.on('connection', (socket) => {
-                this.activeSockets.add(socket);
-                socket.on('close', () => {
-                    this.activeSockets.delete(socket);
-                });
-            });
-            this.server.on('error', async (error) => {
-                await this.handleError(error, 'server_start');
-                reject(error);
-            });
-        });
+        await startHttpServer(this);
+        // Start the clock reaper after server is running
+        startClockReaper();
     }
-    /**
-     * 停止服务器
-     */
     async stop() {
-        this.stopClockDaemonInjectLoop();
-        try {
-            await shutdownCamoufoxLaunchers();
-        }
-        catch {
-            // ignore launcher cleanup errors
-        }
-        if (!this.server) {
-            return;
-        }
-        if (this.server) {
-            // Best-effort: close any open keep-alive sockets so server.close can finish.
-            for (const socket of this.activeSockets) {
-                try {
-                    socket.destroy();
-                }
-                catch {
-                    // ignore
-                }
-            }
-            this.activeSockets.clear();
-            try {
-                const srv = this.server;
-                srv.closeIdleConnections?.();
-                srv.closeAllConnections?.();
-            }
-            catch {
-                // ignore
-            }
-            return new Promise(resolve => {
-                this.server?.close(async () => {
-                    this._isRunning = false;
-                    try {
-                        await this.disposeProviders();
-                    }
-                    catch { /* ignore */ }
-                    try {
-                        if (this.managerDaemon) {
-                            await this.managerDaemon.stop();
-                            this.managerDaemon = null;
-                        }
-                    }
-                    catch {
-                        // ignore manager shutdown failures
-                    }
-                    try {
-                        this.server?.removeAllListeners();
-                    }
-                    catch {
-                        // ignore
-                    }
-                    this.server = undefined;
-                    await this.errorHandling.destroy();
-                    try {
-                        const uptimeMs = Math.round(process.uptime() * 1000);
-                        const snapshot = this.stats.logSummary(uptimeMs);
-                        await this.stats.persistSnapshot(snapshot, { reason: 'server_shutdown' });
-                        await this.stats.logHistoricalSummary();
-                    }
-                    catch {
-                        // stats logging must never block shutdown
-                    }
-                    console.log('[RouteCodexHttpServer] Server stopped');
-                    resolve();
-                });
-            });
-        }
+        stopClockReaper();
+        await stopHttpServer(this);
     }
-    /**
-     * 获取服务器状态
-     */
     getStatus() {
-        return {
-            initialized: this._isInitialized,
-            running: this._isRunning,
-            port: this.config.server.port,
-            host: this.config.server.host,
-            uptime: process.uptime(),
-            memory: process.memoryUsage(),
-            version: 'v2'
-        };
+        return getHttpServerStatus(this);
     }
-    // Non-standard helper used by index.ts for logging URL
     getServerConfig() {
-        return { host: this.config.server.host, port: this.config.server.port };
+        return getHttpServerConfig(this);
     }
-    /**
-     * V1兼容接口：检查是否已初始化
-     */
     isInitialized() {
-        return this._isInitialized;
+        return isHttpServerInitialized(this);
     }
-    /**
-     * V1兼容接口：检查是否正在运行
-     */
     isRunning() {
-        return this._isRunning;
+        return isHttpServerRunning(this);
     }
-    /**
-     * 处理错误
-     */
     async handleError(error, context) {
-        const payload = {
-            code: `SERVER_${context.toUpperCase()}`,
-            message: error.message || 'RouteCodex server error',
-            source: `routecodex-server-v2.${context}`,
-            scope: 'server',
-            severity: 'medium',
-            details: {
-                name: error.name,
-                stack: error.stack,
-                version: 'v2'
-            },
-            originalError: error
-        };
-        try {
-            await reportRouteError(payload);
-        }
-        catch (handlerError) {
-            console.error('[RouteCodexHttpServer] Failed to report error via RouteErrorHub:', formatValueForConsole(handlerError));
-            console.error('[RouteCodexHttpServer] Original error:', formatValueForConsole(error));
-        }
+        await handleHttpServerError(this, error, context);
     }
-    // --- V1 parity helpers and attach methods ---
     async initializeWithUserConfig(userConfig, context) {
-        try {
-            this.updateProviderProfiles(context?.providerProfiles, userConfig);
-            await this.setupRuntime(userConfig);
-            if (!this.runtimeReadyResolved) {
-                this.runtimeReadyResolved = true;
-                this.runtimeReadyResolve?.();
-            }
-        }
-        catch (error) {
-            const normalized = error instanceof Error ? error : new Error(String(error));
-            this.runtimeReadyError = normalized;
-            if (!this.runtimeReadyResolved) {
-                this.runtimeReadyReject?.(normalized);
-            }
-            throw error;
-        }
+        await initializeWithUserConfig(this, userConfig, context);
     }
     async reloadRuntime(userConfig, context) {
-        this.updateProviderProfiles(context?.providerProfiles, userConfig);
-        await this.setupRuntime(userConfig);
-        if (!this.runtimeReadyResolved) {
-            this.runtimeReadyResolved = true;
-            this.runtimeReadyResolve?.();
-        }
+        await reloadHttpServerRuntime(this, userConfig, context);
     }
     async setupRuntime(userConfig) {
-        this.userConfig = asRecord(userConfig);
-        this.ensureProviderProfilesFromUserConfig();
-        const routerInput = this.resolveVirtualRouterInput(this.userConfig);
-        const bootstrapArtifacts = await this.bootstrapVirtualRouter(routerInput);
-        this.currentRouterArtifacts = bootstrapArtifacts;
-        const hubCtor = await this.ensureHubPipelineCtor();
-        const hubConfig = {
-            virtualRouter: bootstrapArtifacts.config
-        };
-        // Unified Hub Framework V1: policy rollout toggle.
-        // Default: enforce (Phase 1: Responses-first outbound policy; currently only
-        // affects openai-responses provider outbound payload).
-        // - Disable via env: ROUTECODEX_HUB_POLICY_MODE=off
-        // - Enforce via env: ROUTECODEX_HUB_POLICY_MODE=enforce
-        const hubPolicyModeRaw = String(process.env.ROUTECODEX_HUB_POLICY_MODE || '').trim().toLowerCase();
-        const hubPolicyMode = hubPolicyModeRaw === 'off' || hubPolicyModeRaw === '0' || hubPolicyModeRaw === 'false'
-            ? null
-            : (hubPolicyModeRaw === 'observe' || hubPolicyModeRaw === 'enforce' ? hubPolicyModeRaw : 'enforce');
-        this.hubPolicyMode = hubPolicyMode ?? 'off';
-        if (hubPolicyMode) {
-            const sampleRateRaw = String(process.env.ROUTECODEX_HUB_POLICY_SAMPLE_RATE || '').trim();
-            const sampleRate = sampleRateRaw ? Number(sampleRateRaw) : undefined;
-            hubConfig.policy = {
-                mode: hubPolicyMode,
-                ...(Number.isFinite(sampleRate) ? { sampleRate } : {})
-            };
-        }
-        // Unified Hub Framework V1: tool surface rollout toggle (enforce by default in dev).
-        // - Disable via env: ROUTECODEX_HUB_TOOL_SURFACE_MODE=off
-        // - Observe via env: ROUTECODEX_HUB_TOOL_SURFACE_MODE=observe
-        // - Shadow (diff-only, no rewrites) via env: ROUTECODEX_HUB_TOOL_SURFACE_MODE=shadow
-        // - Enforce (rewrite outbound payload) via env: ROUTECODEX_HUB_TOOL_SURFACE_MODE=enforce
-        const toolSurfaceModeRaw = String(process.env.ROUTECODEX_HUB_TOOL_SURFACE_MODE || '').trim().toLowerCase();
-        const toolSurfaceMode = toolSurfaceModeRaw === 'off' || toolSurfaceModeRaw === '0' || toolSurfaceModeRaw === 'false'
-            ? null
-            : toolSurfaceModeRaw === 'observe' || toolSurfaceModeRaw === 'shadow' || toolSurfaceModeRaw === 'enforce'
-                ? toolSurfaceModeRaw
-                : buildInfo.mode === 'dev'
-                    ? 'enforce'
-                    : null;
-        if (toolSurfaceMode) {
-            const sampleRateRaw = String(process.env.ROUTECODEX_HUB_TOOL_SURFACE_SAMPLE_RATE || '').trim();
-            const sampleRate = sampleRateRaw ? Number(sampleRateRaw) : undefined;
-            hubConfig.toolSurface = {
-                mode: toolSurfaceMode,
-                ...(Number.isFinite(sampleRate) ? { sampleRate } : {})
-            };
-            // Also export the resolved mode to env so llmswitch-core response conversion
-            // (convertProviderResponse) can observe tool surface mismatches consistently.
-            if (!process.env.ROUTECODEX_HUB_TOOL_SURFACE_MODE) {
-                process.env.ROUTECODEX_HUB_TOOL_SURFACE_MODE = toolSurfaceMode;
-            }
-        }
-        // Unified Hub Framework V1: followup (servertool) shadow compare toggle.
-        // Implemented in llmswitch-core servertool engine; controlled by env for progressive rollout.
-        // Default: shadow in dev builds; off in release builds.
-        if (!process.env.ROUTECODEX_HUB_FOLLOWUP_MODE) {
-            if (buildInfo.mode === 'dev') {
-                process.env.ROUTECODEX_HUB_FOLLOWUP_MODE = 'shadow';
-            }
-        }
-        const healthModule = this.managerDaemon?.getModule('health');
-        const healthStore = healthModule?.getHealthStore();
-        if (healthStore) {
-            hubConfig.healthStore = healthStore;
-        }
-        const routingModule = this.managerDaemon?.getModule('routing');
-        const routingStateStore = routingModule?.getRoutingStateStore();
-        if (routingStateStore) {
-            hubConfig.routingStateStore = routingStateStore;
-        }
-        const quotaModule = this.managerDaemon?.getModule('quota');
-        if (this.isQuotaRoutingEnabled() && quotaModule && typeof quotaModule.getQuotaView === 'function') {
-            hubConfig.quotaView = quotaModule.getQuotaView();
-            if (typeof quotaModule.getQuotaViewReadOnly === 'function') {
-                hubConfig.quotaViewReadOnly = quotaModule.getQuotaViewReadOnly();
-            }
-        }
-        if (!this.hubPipeline) {
-            this.hubPipeline = new hubCtor(hubConfig);
-        }
-        else {
-            const existing = this.hubPipeline;
-            try {
-                existing.updateRuntimeDeps?.({
-                    ...(healthStore ? { healthStore } : {}),
-                    ...(routingStateStore ? { routingStateStore } : {}),
-                    ...('quotaView' in hubConfig ? { quotaView: hubConfig.quotaView } : {})
-                });
-            }
-            catch {
-                // best-effort: runtime deps updates must never block reload
-            }
-            this.hubPipeline.updateVirtualRouterConfig(bootstrapArtifacts.config);
-        }
-        // llms-engine shadow: capture the latest hub config and reset shadow pipeline to avoid stale deps.
-        this.hubPipelineConfigForShadow = hubConfig;
-        this.hubPipelineEngineShadow = null;
-        await this.initializeProviderRuntimes(bootstrapArtifacts);
-        this.startClockDaemonInjectLoop();
+        await setupRuntime(this, userConfig);
     }
     buildHandlerContext() {
-        return {
-            executePipeline: this.executePipeline.bind(this),
-            errorHandling: this.errorHandling
-        };
+        return buildHttpHandlerContext(this);
     }
     async initializeProviderRuntimes(artifacts) {
-        const runtimeMap = artifacts?.targetRuntime ?? this.currentRouterArtifacts?.targetRuntime ?? undefined;
-        if (!runtimeMap) {
-            return;
-        }
-        await this.disposeProviders();
-        this.providerKeyToRuntimeKey.clear();
-        this.providerRuntimeInitErrors.clear();
-        // Antigravity UA preload (best-effort):
-        // - fetch latest UA version once (cached)
-        // - load per-alias camoufox fingerprints so UA suffix stays stable per OAuth session
-        try {
-            const aliases = [];
-            for (const [providerKey, runtime] of Object.entries(runtimeMap)) {
-                const key = typeof providerKey === 'string' ? providerKey.trim() : '';
-                const rk = runtime && typeof runtime.runtimeKey === 'string'
-                    ? String(runtime.runtimeKey).trim()
-                    : '';
-                for (const candidate of [rk, key]) {
-                    if (!candidate.toLowerCase().startsWith('antigravity.')) {
-                        continue;
-                    }
-                    const parts = candidate.split('.');
-                    if (parts.length >= 2 && parts[1] && parts[1].trim()) {
-                        aliases.push(parts[1].trim());
-                    }
-                }
-            }
-            if (aliases.length) {
-                await Promise.allSettled([
-                    primeAntigravityUserAgentVersion(),
-                    preloadAntigravityAliasUserAgents(aliases)
-                ]);
-            }
-        }
-        catch {
-            // UA preload must never block runtime init/reload
-        }
-        const quotaModule = this.managerDaemon?.getModule('quota');
-        // Antigravity warmup (strict): if UA fingerprint suffix doesn't match local OAuth fingerprint, blacklist the alias.
-        if (isAntigravityWarmupEnabled()) {
-            try {
-                const providerKeysByAlias = new Map();
-                for (const providerKey of Object.keys(runtimeMap)) {
-                    const key = typeof providerKey === 'string' ? providerKey.trim() : '';
-                    if (!key.toLowerCase().startsWith('antigravity.')) {
-                        continue;
-                    }
-                    const parts = key.split('.');
-                    if (parts.length < 3) {
-                        continue;
-                    }
-                    const alias = parts[1]?.trim();
-                    if (!alias) {
-                        continue;
-                    }
-                    const list = providerKeysByAlias.get(alias) || [];
-                    list.push(key);
-                    providerKeysByAlias.set(alias, list);
-                }
-                if (providerKeysByAlias.size > 0) {
-                    const canBlacklist = Boolean(quotaModule && typeof quotaModule.disableProvider === 'function');
-                    const durationMs = getAntigravityWarmupBlacklistDurationMs();
-                    let okCount = 0;
-                    let failCount = 0;
-                    for (const [alias, providerKeys] of providerKeysByAlias.entries()) {
-                        const result = await warmupCheckAntigravityAlias(alias);
-                        if (result.ok) {
-                            okCount += 1;
-                            console.log(`[antigravity:warmup] ok alias=${alias} profile=${result.profileId} fp_os=${result.fingerprintOs} fp_arch=${result.fingerprintArch} ua_suffix=${result.actualSuffix} ua=${result.actualUserAgent}`);
-                            continue;
-                        }
-                        failCount += 1;
-                        const expected = result.expectedSuffix ? ` expected=${result.expectedSuffix}` : '';
-                        const actual = result.actualSuffix ? ` actual=${result.actualSuffix}` : '';
-                        const hint = result.reason === 'linux_not_allowed'
-                            ? ` hint="run: routecodex camoufox-fp repair --provider antigravity --alias ${alias}"`
-                            : result.reason === 'reauth_required'
-                                ? ` hint="run: routecodex oauth antigravity-auto ${result.tokenFile || `antigravity-oauth-*-` + alias + `.json`}"` +
-                                    `${result.fromSuffix ? ` from=${result.fromSuffix}` : ''}${result.toSuffix ? ` to=${result.toSuffix}` : ''}`
-                                : '';
-                        console.error(`[antigravity:warmup] FAIL alias=${alias} profile=${result.profileId}${result.fingerprintOs ? ` fp_os=${result.fingerprintOs}` : ''}${result.fingerprintArch ? ` fp_arch=${result.fingerprintArch}` : ''} reason=${result.reason}${expected}${actual}${hint} providerKeys=${providerKeys.length}${canBlacklist ? '' : ' (quota module unavailable; cannot blacklist)'}`);
-                        if (canBlacklist) {
-                            await Promise.allSettled(providerKeys.map((providerKey) => quotaModule.disableProvider({ providerKey, mode: 'blacklist', durationMs })));
-                        }
-                    }
-                    console.log(`[antigravity:warmup] summary ok=${okCount} fail=${failCount} total=${providerKeysByAlias.size}`);
-                }
-            }
-            catch {
-                // warmup is best-effort; never block server startup
-            }
-        }
-        // Multiple providerKeys may share the same runtimeKey (single provider handle with multiple models).
-        // Quota is tracked by providerKey, so we need a stable way to derive authType for every key,
-        // even when the handle has already been created for this runtimeKey.
-        const runtimeKeyAuthType = new Map();
-        const apikeyDailyResetTime = (() => {
-            const vr = this.userConfig && typeof this.userConfig === 'object' ? this.userConfig.virtualrouter : null;
-            const quota = vr && typeof vr === 'object' && !Array.isArray(vr) ? vr.quota : null;
-            if (!quota || typeof quota !== 'object' || Array.isArray(quota)) {
-                return null;
-            }
-            const raw = typeof quota.apikeyDailyResetTime === 'string'
-                ? quota.apikeyDailyResetTime
-                : typeof quota.apikeyResetTime === 'string'
-                    ? quota.apikeyResetTime
-                    : typeof quota.apikeyReset === 'string'
-                        ? quota.apikeyReset
-                        : null;
-            const trimmed = typeof raw === 'string' ? raw.trim() : '';
-            return trimmed ? trimmed : null;
-        })();
-        const failedRuntimeKeys = new Set();
-        for (const [providerKey, runtime] of Object.entries(runtimeMap)) {
-            if (!runtime) {
-                continue;
-            }
-            const runtimeKey = runtime.runtimeKey || providerKey;
-            const authTypeFromRuntime = runtime && runtime.auth && typeof runtime.auth.type === 'string'
-                ? String(runtime.auth.type).trim()
-                : null;
-            if (failedRuntimeKeys.has(runtimeKey)) {
-                continue;
-            }
-            if (!this.providerHandles.has(runtimeKey)) {
-                let patchedRuntime = null;
-                try {
-                    const resolvedRuntime = await this.materializeRuntimeProfile(runtime);
-                    patchedRuntime = this.applyProviderProfileOverrides(resolvedRuntime);
-                    try {
-                        const authTypeFromPatched = patchedRuntime && patchedRuntime.auth && typeof patchedRuntime.auth.type === 'string'
-                            ? String(patchedRuntime.auth.type).trim()
-                            : null;
-                        if (authTypeFromPatched) {
-                            runtimeKeyAuthType.set(runtimeKey, authTypeFromPatched);
-                        }
-                        else if (authTypeFromRuntime) {
-                            runtimeKeyAuthType.set(runtimeKey, authTypeFromRuntime);
-                        }
-                        else if (!runtimeKeyAuthType.has(runtimeKey)) {
-                            runtimeKeyAuthType.set(runtimeKey, null);
-                        }
-                    }
-                    catch {
-                        // ignore authType derivation failures
-                    }
-                    const handle = await this.createProviderHandle(runtimeKey, patchedRuntime);
-                    this.providerHandles.set(runtimeKey, handle);
-                    this.providerRuntimeInitErrors.delete(runtimeKey);
-                }
-                catch (error) {
-                    // Non-blocking: do not crash server startup when a provider is misconfigured (e.g. missing env var).
-                    // Emit a provider error so health/quota modules can mark it unhealthy and routing can fail over.
-                    failedRuntimeKeys.add(runtimeKey);
-                    if (error instanceof Error) {
-                        this.providerRuntimeInitErrors.set(runtimeKey, error);
-                    }
-                    else {
-                        this.providerRuntimeInitErrors.set(runtimeKey, new Error(String(error)));
-                    }
-                    try {
-                        const { emitProviderError } = await import('../../../providers/core/utils/provider-error-reporter.js');
-                        emitProviderError({
-                            error,
-                            stage: 'provider.runtime.init',
-                            runtime: {
-                                requestId: `startup_${Date.now()}`,
-                                providerKey,
-                                providerId: runtime.providerId || runtimeKey.split('.')[0],
-                                providerType: String(runtime.providerType || runtime.providerType || 'unknown'),
-                                providerProtocol: String(runtime.outboundProfile || ''),
-                                routeName: 'startup',
-                                pipelineId: 'startup',
-                                runtimeKey
-                            },
-                            dependencies: this.getModuleDependencies(),
-                            recoverable: false,
-                            affectsHealth: true,
-                            details: {
-                                reason: 'provider_init_failed',
-                                runtimeKey,
-                                providerKey
-                            }
-                        });
-                    }
-                    catch {
-                        // ignore emit failures
-                    }
-                    // Skip this providerKey mapping; requests will fail over if routing selects it.
-                    continue;
-                }
-            }
-            // Register static quota metadata for every providerKey (not just per runtimeKey).
-            // Use the runtimeKey authType when available so shared runtimeKey models inherit correct policy.
-            try {
-                const authType = runtimeKeyAuthType.get(runtimeKey) ?? authTypeFromRuntime;
-                const apikeyResetForKey = authType === 'apikey' ? apikeyDailyResetTime : null;
-                quotaModule?.registerProviderStaticConfig?.(providerKey, {
-                    authType: authType ?? null,
-                    apikeyDailyResetTime: apikeyResetForKey
-                });
-            }
-            catch {
-                // best-effort: quota static config registration must never block runtime init
-            }
-            // Only map providerKey when runtimeKey has an initialized handle.
-            if (this.providerHandles.has(runtimeKey)) {
-                this.providerKeyToRuntimeKey.set(providerKey, runtimeKey);
-            }
-        }
+        await initializeProviderRuntimes(this, artifacts);
     }
     async createProviderHandle(runtimeKey, runtime) {
-        const protocolType = normalizeProviderType(runtime.providerType);
-        const providerFamily = runtime.providerFamily || protocolType;
-        const providerProtocol = (typeof runtime.outboundProfile === 'string' && runtime.outboundProfile.trim()
-            ? runtime.outboundProfile.trim()
-            : undefined) ?? mapProviderProtocol(protocolType);
-        const instance = ProviderFactory.createProviderFromRuntime(runtime, this.getModuleDependencies());
-        await instance.initialize();
-        const providerId = runtime.providerId || runtimeKey.split('.')[0];
-        return {
-            runtimeKey,
-            providerId,
-            providerType: protocolType,
-            providerFamily,
-            providerProtocol,
-            runtime,
-            instance
-        };
+        return await createProviderHandle(this, runtimeKey, runtime);
     }
     async materializeRuntimeProfile(runtime) {
-        const auth = await this.resolveRuntimeAuth(runtime);
-        const baseUrl = this.normalizeRuntimeBaseUrl(runtime);
-        const identity = resolveProviderIdentity(runtime.providerType, runtime.providerFamily);
-        return {
-            ...runtime,
-            ...(baseUrl ? { baseUrl } : {}),
-            providerType: identity.providerType,
-            providerFamily: identity.providerFamily,
-            auth
-        };
+        return await materializeRuntimeProfile(this, runtime);
     }
     normalizeRuntimeBaseUrl(runtime) {
-        const candidates = [runtime.baseUrl, runtime.endpoint];
-        for (const candidate of candidates) {
-            if (typeof candidate === 'string' && candidate.trim()) {
-                return candidate.trim();
-            }
-        }
-        return undefined;
+        return normalizeRuntimeBaseUrl(this, runtime);
     }
     async resolveRuntimeAuth(runtime) {
-        const auth = runtime.auth || { type: 'apikey' };
-        const authRecord = auth;
-        const authType = this.normalizeAuthType(auth.type);
-        const rawType = typeof auth.rawType === 'string' ? auth.rawType.trim().toLowerCase() : '';
-        const pickString = (...candidates) => {
-            for (const candidate of candidates) {
-                if (typeof candidate === 'string') {
-                    const trimmed = candidate.trim();
-                    if (trimmed) {
-                        return trimmed;
-                    }
-                }
-            }
-            return undefined;
-        };
-        const pickStringArray = (value) => {
-            if (!value) {
-                return undefined;
-            }
-            if (Array.isArray(value)) {
-                const normalized = value
-                    .map((item) => pickString(item))
-                    .filter((item) => typeof item === 'string');
-                return normalized.length ? normalized : undefined;
-            }
-            if (typeof value === 'string' && value.trim()) {
-                const normalized = value
-                    .split(/[,\s]+/)
-                    .map((item) => item.trim())
-                    .filter(Boolean);
-                return normalized.length ? normalized : undefined;
-            }
-            return undefined;
-        };
-        if (authType === 'apikey') {
-            if (rawType === 'iflow-cookie') {
-                return { ...auth, type: 'apikey', rawType: auth.rawType ?? 'iflow-cookie' };
-            }
-            if (rawType === 'deepseek-account') {
-                // Compatibility note:
-                // legacy deepseek configs may still carry value/secretRef/mobile/password/clientId/clientSecret.
-                // Runtime auth for deepseek-account is tokenFile(+alias)-only; we strip legacy fields instead of
-                // failing init so existing deployments can migrate without downtime.
-                const tokenFile = pickString(authRecord.tokenFile, authRecord.token_file);
-                const accountAlias = pickString(authRecord.accountAlias, authRecord.account_alias, runtime.keyAlias);
-                return {
-                    type: 'apikey',
-                    rawType: auth.rawType ?? 'deepseek-account',
-                    value: '',
-                    ...(accountAlias ? { accountAlias } : {}),
-                    ...(tokenFile ? { tokenFile } : {})
-                };
-            }
-            const value = await this.resolveApiKeyValue(runtime, auth);
-            return { ...auth, type: 'apikey', value };
-        }
-        const resolved = {
-            type: 'oauth',
-            secretRef: auth.secretRef,
-            value: auth.value,
-            oauthProviderId: auth.oauthProviderId,
-            rawType: auth.rawType,
-            tokenFile: pickString(authRecord.tokenFile, authRecord.token_file),
-            tokenUrl: pickString(authRecord.tokenUrl, authRecord.token_url),
-            deviceCodeUrl: pickString(authRecord.deviceCodeUrl, authRecord.device_code_url),
-            clientId: pickString(authRecord.clientId, authRecord.client_id),
-            clientSecret: pickString(authRecord.clientSecret, authRecord.client_secret),
-            authorizationUrl: pickString(authRecord.authorizationUrl, authRecord.authorization_url, authRecord.authUrl),
-            userInfoUrl: pickString(authRecord.userInfoUrl, authRecord.user_info_url),
-            refreshUrl: pickString(authRecord.refreshUrl, authRecord.refresh_url),
-            scopes: pickStringArray(authRecord.scopes ?? authRecord.scope)
-        };
-        let tokenFile = resolved.tokenFile;
-        if (!tokenFile && typeof auth.secretRef === 'string' && auth.secretRef.trim()) {
-            tokenFile = await this.resolveSecretValue(auth.secretRef.trim());
-        }
-        resolved.tokenFile = tokenFile;
-        return resolved;
+        return await resolveRuntimeAuth(this, runtime);
     }
     async resolveApiKeyValue(runtime, auth) {
-        const inline = typeof auth?.value === 'string' ? auth.value.trim() : '';
-        if (inline) {
-            if (this.isSafeSecretReference(inline)) {
-                return await this.resolveSecretValue(inline);
-            }
-            return inline;
-        }
-        const rawSecretRef = typeof auth?.secretRef === 'string' ? auth.secretRef.trim() : '';
-        // llmswitch-core may populate secretRef as a stable signature (e.g. "provider.alias").
-        // Only treat it as a resolvable secret reference when it matches our safe reference grammar.
-        if (rawSecretRef && this.isSafeSecretReference(rawSecretRef)) {
-            const resolved = await this.resolveSecretValue(rawSecretRef);
-            if (resolved) {
-                return resolved;
-            }
-        }
-        // Local OpenAI-compatible endpoints (e.g., LM Studio) may not require auth.
-        // Keep fail-fast for remote providers by only allowing empty apiKey when baseURL is local.
-        const baseURL = typeof runtime?.baseURL === 'string'
-            ? String(runtime.baseURL).trim()
-            : typeof runtime?.baseUrl === 'string'
-                ? String(runtime.baseUrl).trim()
-                : typeof runtime?.endpoint === 'string'
-                    ? String(runtime.endpoint).trim()
-                    : '';
-        if (this.isLocalBaseUrl(baseURL)) {
-            return '';
-        }
-        throw new Error(`Provider runtime "${runtime.runtimeKey || runtime.providerId}" missing API key`);
+        return await resolveApiKeyValue(this, runtime, auth);
     }
     isLocalBaseUrl(value) {
-        const raw = typeof value === 'string' ? value.trim() : '';
-        if (!raw) {
-            return false;
-        }
-        try {
-            const url = new URL(raw);
-            const host = String(url.hostname || '').trim().toLowerCase();
-            return (host === 'localhost' ||
-                host === '127.0.0.1' ||
-                host === '0.0.0.0' ||
-                host === '::1' ||
-                host === '::ffff:127.0.0.1');
-        }
-        catch {
-            const lower = raw.toLowerCase();
-            return (lower.includes('localhost') ||
-                lower.includes('127.0.0.1') ||
-                lower.includes('0.0.0.0') ||
-                lower.includes('[::1]'));
-        }
+        return isLocalBaseUrl(this, value);
     }
     async disposeProviders() {
-        const handles = Array.from(this.providerHandles.values());
-        await Promise.all(handles.map(async (handle) => {
-            try {
-                await handle.instance.cleanup();
-            }
-            catch {
-                // ignore cleanup errors
-            }
-        }));
-        this.providerHandles.clear();
-        ProviderFactory.clearInstanceCache?.();
+        await disposeProviders(this);
     }
     async executePipeline(input) {
-        if (!this.isPipelineReady()) {
-            throw new Error('Hub pipeline runtime is not initialized');
-        }
-        // Stats must remain stable across provider retries and requestId enhancements.
-        const statsRequestId = input.requestId;
-        this.stats.recordRequestStart(statsRequestId);
-        const initialMetadata = this.buildRequestMetadata(input);
-        const providerRequestId = input.requestId;
-        const clientRequestId = typeof initialMetadata.clientRequestId === 'string' && initialMetadata.clientRequestId.trim()
-            ? initialMetadata.clientRequestId.trim()
-            : providerRequestId;
-        this.logStage('request.received', providerRequestId, {
-            endpoint: input.entryEndpoint,
-            stream: initialMetadata.stream === true
-        });
-        try {
-            const headerUa = (typeof input.headers?.['user-agent'] === 'string' && input.headers['user-agent']) ||
-                (typeof input.headers?.['User-Agent'] === 'string' && input.headers['User-Agent']);
-            const headerOriginator = (typeof input.headers?.['originator'] === 'string' && input.headers['originator']) ||
-                (typeof input.headers?.['Originator'] === 'string' && input.headers['Originator']);
-            await writeClientSnapshot({
-                entryEndpoint: input.entryEndpoint,
-                requestId: input.requestId,
-                headers: asRecord(input.headers),
-                body: input.body,
-                metadata: {
-                    ...initialMetadata,
-                    userAgent: headerUa,
-                    clientOriginator: headerOriginator
-                }
-            });
-        }
-        catch {
-            // snapshot failure should not block request path
-        }
-        const pipelineLabel = 'hub';
-        const iterationMetadata = initialMetadata;
-        // _followupTriggered = false;
-        // 单次 HTTP 请求内允许多次 failover（不在 Provider 层做重试）：
-        // - 让 VirtualRouter 根据 excludedProviderKeys 跳过失败目标
-        // - 避免客户端“一次就断”导致对话破裂（尤其是 429 / prompt too long 等可恢复错误）
-        // - 通过 env 允许按部署/客户端调整：ROUTECODEX_MAX_PROVIDER_ATTEMPTS / RCC_MAX_PROVIDER_ATTEMPTS
-        let maxAttempts = resolveMaxProviderAttempts();
-        let attempt = 0;
-        let firstError = null;
-        const originalBodySnapshot = this.cloneRequestPayload(input.body);
-        const excludedProviderKeys = new Set();
-        let initialRoutePool = null;
-        while (attempt < maxAttempts) {
-            attempt += 1;
-            // 每次尝试前重置请求 body，避免上一轮 HubPipeline 的就地改写导致
-            // 第二轮出现 ChatEnvelopeValidationError(messages_missing) 之类的问题。
-            if (originalBodySnapshot && typeof originalBodySnapshot === 'object') {
-                const cloned = this.cloneRequestPayload(originalBodySnapshot) ??
-                    { ...originalBodySnapshot };
-                input.body = cloned;
-            }
-            // 为本轮构建独立的 metadata 视图，并注入当前已排除的 providerKey 集合，
-            // 让 VirtualRouter 在同一 HTTP 请求内跳过已经 429 过的 key。
-            const metadataForIteration = {
-                ...iterationMetadata,
-                excludedProviderKeys: Array.from(excludedProviderKeys)
-            };
-            this.logStage(`${pipelineLabel}.start`, providerRequestId, {
-                endpoint: input.entryEndpoint,
-                stream: metadataForIteration.stream
-            });
-            const originalRequestSnapshot = this.cloneRequestPayload(input.body);
-            let pipelineResult;
-            try {
-                pipelineResult = await this.runHubPipeline(input, metadataForIteration);
-            }
-            catch (pipelineError) {
-                const pipelineErrorCode = typeof pipelineError.code === 'string'
-                    ? String(pipelineError.code).trim()
-                    : '';
-                const pipelineErrorMessage = pipelineError instanceof Error
-                    ? pipelineError.message
-                    : String(pipelineError ?? 'Unknown error');
-                const isPoolExhaustedError = pipelineErrorCode === 'PROVIDER_NOT_AVAILABLE' ||
-                    pipelineErrorCode === 'ERR_NO_PROVIDER_TARGET' ||
-                    /all providers unavailable/i.test(pipelineErrorMessage) ||
-                    /virtual router did not produce a provider target/i.test(pipelineErrorMessage);
-                if (firstError && isPoolExhaustedError) {
-                    throw firstError;
-                }
-                throw pipelineError;
-            }
-            const pipelineMetadata = pipelineResult.metadata ?? {};
-            const mergedMetadata = { ...metadataForIteration, ...pipelineMetadata };
-            this.logStage(`${pipelineLabel}.completed`, providerRequestId, {
-                route: pipelineResult.routingDecision?.routeName,
-                target: pipelineResult.target?.providerKey
-            });
-            if (!initialRoutePool && Array.isArray(pipelineResult.routingDecision?.pool)) {
-                initialRoutePool = [...pipelineResult.routingDecision.pool];
-            }
-            const providerPayload = pipelineResult.providerPayload;
-            const target = pipelineResult.target;
-            if (!providerPayload || !target?.providerKey) {
-                throw Object.assign(new Error('Virtual router did not produce a provider target'), {
-                    code: 'ERR_NO_PROVIDER_TARGET',
-                    requestId: input.requestId
-                });
-            }
-            // Ensure response-side conversion has access to route-selected target metadata (compat profiles, etc.).
-            // This is an execution metadata carrier only; tool/routing semantics still live in llmswitch-core.
-            if (!mergedMetadata.target) {
-                mergedMetadata.target = target;
-            }
-            if (!mergedMetadata.compatibilityProfile && typeof target.compatibilityProfile === 'string' && target.compatibilityProfile.trim()) {
-                mergedMetadata.compatibilityProfile = target.compatibilityProfile.trim();
-            }
-            const runtimeKey = target.runtimeKey || this.providerKeyToRuntimeKey.get(target.providerKey);
-            if (!runtimeKey) {
-                const error = Object.assign(new Error(`Runtime for provider ${target.providerKey} not initialized`), {
-                    code: 'ERR_RUNTIME_NOT_FOUND',
-                    requestId: input.requestId,
-                    retryable: true
-                });
-                try {
-                    const { emitProviderError } = await import('../../../providers/core/utils/provider-error-reporter.js');
-                    emitProviderError({
-                        error,
-                        stage: 'provider.runtime.resolve',
-                        runtime: {
-                            requestId: input.requestId,
-                            providerKey: target.providerKey,
-                            providerId: target.providerKey.split('.')[0],
-                            providerType: String(target.providerType || 'unknown'),
-                            providerProtocol: String(target.outboundProfile || ''),
-                            routeName: pipelineResult.routingDecision?.routeName,
-                            pipelineId: target.providerKey,
-                            target
-                        },
-                        dependencies: this.getModuleDependencies(),
-                        recoverable: false,
-                        affectsHealth: true,
-                        details: {
-                            reason: 'runtime_not_initialized',
-                            providerKey: target.providerKey
-                        }
-                    });
-                }
-                catch {
-                    // best-effort
-                }
-                if (!firstError) {
-                    firstError = error;
-                }
-                excludedProviderKeys.add(target.providerKey);
-                this.logStage('provider.retry', input.requestId, {
-                    providerKey: target.providerKey,
-                    attempt,
-                    nextAttempt: attempt + 1,
-                    excluded: Array.from(excludedProviderKeys),
-                    reason: 'runtime_not_initialized'
-                });
-                continue;
-            }
-            const handle = this.providerHandles.get(runtimeKey);
-            if (!handle) {
-                const initError = this.providerRuntimeInitErrors.get(runtimeKey);
-                const error = Object.assign(new Error(initError
-                    ? `Provider runtime ${runtimeKey} failed to initialize: ${initError.message}`
-                    : `Provider runtime ${runtimeKey} not found`), {
-                    code: 'ERR_PROVIDER_NOT_FOUND',
-                    requestId: input.requestId,
-                    retryable: true
-                });
-                try {
-                    const { emitProviderError } = await import('../../../providers/core/utils/provider-error-reporter.js');
-                    emitProviderError({
-                        error: initError ?? error,
-                        stage: 'provider.runtime.resolve',
-                        runtime: {
-                            requestId: input.requestId,
-                            providerKey: target.providerKey,
-                            providerId: target.providerKey.split('.')[0],
-                            providerType: String(target.providerType || 'unknown'),
-                            providerProtocol: String(target.outboundProfile || ''),
-                            routeName: pipelineResult.routingDecision?.routeName,
-                            pipelineId: target.providerKey,
-                            runtimeKey,
-                            target
-                        },
-                        dependencies: this.getModuleDependencies(),
-                        recoverable: false,
-                        affectsHealth: true,
-                        details: {
-                            reason: 'runtime_handle_missing',
-                            providerKey: target.providerKey,
-                            runtimeKey
-                        }
-                    });
-                }
-                catch {
-                    // best-effort
-                }
-                if (!firstError) {
-                    firstError = error;
-                }
-                excludedProviderKeys.add(target.providerKey);
-                this.logStage('provider.retry', input.requestId, {
-                    providerKey: target.providerKey,
-                    attempt,
-                    nextAttempt: attempt + 1,
-                    excluded: Array.from(excludedProviderKeys),
-                    reason: 'provider_runtime_missing'
-                });
-                continue;
-            }
-            const providerProtocol = target.outboundProfile ||
-                handle.providerProtocol;
-            const metadataModel = mergedMetadata?.target && typeof mergedMetadata.target === 'object'
-                ? mergedMetadata.target.clientModelId
-                : undefined;
-            const rawModel = this.extractProviderModel(providerPayload) ||
-                (typeof metadataModel === 'string' ? metadataModel : undefined);
-            const providerIdToken = target.providerKey || handle.providerId || runtimeKey;
-            if (!providerIdToken) {
-                throw Object.assign(new Error('Provider identifier missing for request'), {
-                    code: 'ERR_PROVIDER_ID_MISSING',
-                    requestId: providerRequestId
-                });
-            }
-            const enhancedRequestId = enhanceProviderRequestId(providerRequestId, {
-                entryEndpoint: input.entryEndpoint,
-                providerId: providerIdToken,
-                model: rawModel
-            });
-            // /v1/responses tool loop depends on a stable requestId mapping between:
-            // - inbound conversion capture (uses the initial requestId), and
-            // - outbound response record (may run after requestId enhancement).
-            // Enhancement happens for all providers, so rebind must be keyed off the client endpoint,
-            // not the providerProtocol (which can be gemini-chat/anthropic-messages/etc.).
-            if (String(input.entryEndpoint || '').startsWith('/v1/responses')) {
-                try {
-                    await rebindResponsesConversationRequestId(providerRequestId, enhancedRequestId);
-                }
-                catch {
-                    /* ignore rebind failures */
-                }
-            }
-            if (enhancedRequestId !== input.requestId) {
-                input.requestId = enhancedRequestId;
-            }
-            mergedMetadata.clientRequestId = clientRequestId;
-            const providerModel = rawModel;
-            const providerLabel = this.buildProviderLabel(target.providerKey, providerModel);
-            this.logStage('provider.prepare', input.requestId, {
-                providerKey: target.providerKey,
-                runtimeKey,
-                protocol: providerProtocol,
-                providerType: handle.providerType,
-                providerFamily: handle.providerFamily,
-                model: providerModel,
-                providerLabel
-            });
-            attachProviderRuntimeMetadata(providerPayload, {
-                requestId: input.requestId,
-                providerId: handle.providerId,
-                providerKey: target.providerKey,
-                providerType: handle.providerType,
-                providerFamily: handle.providerFamily,
-                providerProtocol,
-                pipelineId: target.providerKey,
-                routeName: pipelineResult.routingDecision?.routeName,
-                runtimeKey,
-                target,
-                metadata: mergedMetadata
-            });
-            this.stats.bindProvider(statsRequestId, {
-                providerKey: target.providerKey,
-                providerType: handle.providerType,
-                model: providerModel
-            });
-            this.logStage('provider.send.start', input.requestId, {
-                providerKey: target.providerKey,
-                runtimeKey,
-                protocol: providerProtocol,
-                providerType: handle.providerType,
-                providerFamily: handle.providerFamily,
-                model: providerModel,
-                providerLabel
-            });
-            try {
-                const providerResponse = await handle.instance.processIncoming(providerPayload);
-                const responseStatus = this.extractResponseStatus(providerResponse);
-                this.logStage('provider.send.completed', input.requestId, {
-                    providerKey: target.providerKey,
-                    status: responseStatus,
-                    providerType: handle.providerType,
-                    providerFamily: handle.providerFamily,
-                    model: providerModel,
-                    providerLabel
-                });
-                const wantsStreamBase = Boolean(input.metadata?.inboundStream ?? input.metadata?.stream);
-                const normalized = this.normalizeProviderResponse(providerResponse);
-                const pipelineProcessed = pipelineResult.processedRequest;
-                const pipelineStandardized = pipelineResult.standardizedRequest;
-                const requestSemantics = pipelineProcessed && typeof pipelineProcessed === 'object' && typeof pipelineProcessed.semantics === 'object'
-                    ? pipelineProcessed.semantics
-                    : pipelineStandardized && typeof pipelineStandardized === 'object' && typeof pipelineStandardized.semantics === 'object'
-                        ? pipelineStandardized.semantics
-                        : undefined;
-                const converted = await this.convertProviderResponseIfNeeded({
-                    entryEndpoint: input.entryEndpoint,
-                    providerType: handle.providerType,
-                    requestId: input.requestId,
-                    wantsStream: wantsStreamBase,
-                    originalRequest: originalRequestSnapshot,
-                    requestSemantics: requestSemantics,
-                    processMode: pipelineResult.processMode,
-                    response: normalized,
-                    pipelineMetadata: mergedMetadata
-                });
-                // Treat upstream 429 as provider failure across protocols to avoid
-                // silently returning success and to let Virtual Router failover to other candidates.
-                // Keep existing Gemini compatibility behavior for 400/4xx thoughtSignature-like failures.
-                const convertedStatus = typeof converted.status === 'number' ? converted.status : undefined;
-                const isGlobalRetryable429 = convertedStatus === 429;
-                const isGeminiCompatFailure = typeof convertedStatus === 'number' &&
-                    convertedStatus >= 400 &&
-                    (isAntigravityProviderKey(target.providerKey) ||
-                        (typeof target.providerKey === 'string' && target.providerKey.startsWith('gemini-cli.'))) &&
-                    providerProtocol === 'gemini-chat';
-                if (isGlobalRetryable429 || isGeminiCompatFailure) {
-                    const bodyForError = converted.body && typeof converted.body === 'object'
-                        ? converted.body
-                        : undefined;
-                    const errMsg = bodyForError && bodyForError.error && typeof bodyForError.error === 'object'
-                        ? String(bodyForError.error.message || bodyForError.error || '')
-                        : '';
-                    const statusCode = typeof convertedStatus === 'number' ? convertedStatus : 500;
-                    const errorToThrow = new Error(errMsg && errMsg.trim().length ? errMsg : `HTTP ${statusCode}`);
-                    errorToThrow.statusCode = statusCode;
-                    errorToThrow.status = statusCode;
-                    errorToThrow.response = { data: bodyForError };
-                    try {
-                        const { emitProviderError } = await import('../../../providers/core/utils/provider-error-reporter.js');
-                        emitProviderError({
-                            error: errorToThrow,
-                            stage: 'provider.http',
-                            runtime: {
-                                requestId: input.requestId,
-                                providerKey: target.providerKey,
-                                providerId: handle.providerId,
-                                providerType: handle.providerType,
-                                providerFamily: handle.providerFamily,
-                                providerProtocol,
-                                routeName: pipelineResult.routingDecision?.routeName,
-                                pipelineId: target.providerKey,
-                                target,
-                                runtimeKey
-                            },
-                            dependencies: this.getModuleDependencies(),
-                            statusCode,
-                            recoverable: statusCode === 429,
-                            affectsHealth: true,
-                            details: {
-                                source: 'converted_response_status',
-                                convertedStatus: statusCode,
-                                wrappedErrorResponse: true
-                            }
-                        });
-                    }
-                    catch {
-                        // best-effort; never block retry/failover path
-                    }
-                    throw errorToThrow;
-                }
-                const usage = this.extractUsageFromResult(converted, mergedMetadata);
-                // QuotaManager listens to provider error/success events; avoid duplicating accounting here.
-                this.stats.recordCompletion(statsRequestId, { usage, error: false });
-                // Notify llmswitch-core about successful completion so session-scoped routing state
-                // (e.g. Antigravity alias bindings) can be committed only after the first success.
-                try {
-                    const center = await getProviderSuccessCenter().catch(() => null);
-                    const sessionId = typeof mergedMetadata.sessionId === 'string' && mergedMetadata.sessionId.trim()
-                        ? mergedMetadata.sessionId.trim()
-                        : undefined;
-                    const conversationId = typeof mergedMetadata.conversationId === 'string' && mergedMetadata.conversationId.trim()
-                        ? mergedMetadata.conversationId.trim()
-                        : undefined;
-                    center?.emit({
-                        runtime: {
-                            requestId: input.requestId,
-                            routeName: pipelineResult.routingDecision?.routeName,
-                            providerKey: target.providerKey,
-                            providerId: handle.providerId,
-                            providerType: handle.providerType,
-                            providerProtocol,
-                            pipelineId: target.providerKey,
-                            target
-                        },
-                        timestamp: Date.now(),
-                        metadata: {
-                            ...(sessionId ? { sessionId } : {}),
-                            ...(conversationId ? { conversationId } : {})
-                        }
-                    });
-                }
-                catch {
-                    // best-effort: must never affect request path
-                }
-                // 回传 session_id 和 conversation_id 到响应头（如果存在）
-                const sessionId = typeof mergedMetadata.sessionId === "string" && mergedMetadata.sessionId.trim()
-                    ? mergedMetadata.sessionId.trim()
-                    : undefined;
-                let conversationId = typeof mergedMetadata.conversationId === "string" && mergedMetadata.conversationId.trim()
-                    ? mergedMetadata.conversationId.trim()
-                    : undefined;
-                // 对称补齐：如果只有 session_id，则回传 conversation_id=session_id
-                if (!conversationId && sessionId) {
-                    conversationId = sessionId;
-                }
-                if (sessionId || conversationId) {
-                    if (!converted.headers) {
-                        converted.headers = {};
-                    }
-                    if (sessionId && !converted.headers["session_id"]) {
-                        converted.headers["session_id"] = sessionId;
-                    }
-                    if (conversationId && !converted.headers["conversation_id"]) {
-                        converted.headers["conversation_id"] = conversationId;
-                    }
-                }
-                return converted;
-            }
-            catch (error) {
-                this.logStage('provider.send.error', input.requestId, {
-                    providerKey: target.providerKey,
-                    message: error instanceof Error ? error.message : String(error ?? 'Unknown error'),
-                    providerType: handle.providerType,
-                    providerFamily: handle.providerFamily,
-                    model: providerModel,
-                    providerLabel
-                });
-                if (isAntigravityProviderKey(target.providerKey) && extractStatusCodeFromError(error) === 429) {
-                    maxAttempts = Math.max(maxAttempts, resolveAntigravityMaxProviderAttempts());
-                }
-                // QuotaManager listens to provider error events emitted by providers.
-                if (!firstError) {
-                    firstError = error;
-                }
-                const shouldRetry = attempt < maxAttempts && shouldRetryProviderError(error);
-                if (!shouldRetry) {
-                    this.stats.recordCompletion(statsRequestId, { error: true });
-                    throw error;
-                }
-                // Record this failed provider attempt even if the overall request succeeds later via failover.
-                this.stats.recordCompletion(statsRequestId, { error: true });
-                const singleProviderPool = Boolean(initialRoutePool && initialRoutePool.length === 1 && initialRoutePool[0] === target.providerKey);
-                if (singleProviderPool) {
-                    if (isNetworkTransportError(error)) {
-                        await waitBeforeRetry(error);
-                    }
-                }
-                else if (target.providerKey) {
-                    excludedProviderKeys.add(target.providerKey);
-                }
-                this.logStage('provider.retry', input.requestId, {
-                    providerKey: target.providerKey,
-                    attempt,
-                    nextAttempt: attempt + 1,
-                    excluded: Array.from(excludedProviderKeys),
-                    reason: describeRetryReason(error)
-                });
-                continue;
-            }
-        }
-        // best-effort: if failover attempt could not produce a successful response,
-        // return the original error (avoid masking 429 with PROVIDER_NOT_AVAILABLE etc.).
-        this.stats.recordCompletion(statsRequestId, { error: true });
-        throw firstError ?? new Error('Provider execution failed without response');
-    }
-    async runHubPipeline(input, metadata) {
-        if (!this.hubPipeline) {
-            throw new Error('Hub pipeline runtime is not initialized');
-        }
-        const payload = asRecord(input.body);
-        const isInternalFollowup = asRecord(metadata.__rt)?.serverToolFollowup === true;
-        const wantsShadowCompare = !isInternalFollowup && shouldRunHubShadowCompare(this.hubShadowCompareConfig);
-        const pipelineInput = {
-            ...input,
-            id: input.requestId,
-            endpoint: input.entryEndpoint,
-            metadata: {
-                ...metadata,
-                logger: this.coloredLogger,
-                ...(wantsShadowCompare
-                    ? { __hubShadowCompare: { baselineMode: this.hubShadowCompareConfig.baselineMode } }
-                    : {})
-            },
-            payload
-        };
-        const result = await this.hubPipeline.execute(pipelineInput);
-        if (!result.providerPayload || !result.target?.providerKey) {
-            throw Object.assign(new Error('Virtual router did not produce a provider target'), {
-                code: 'ERR_NO_PROVIDER_TARGET',
-                requestId: input.requestId
-            });
-        }
-        const processMode = result.metadata?.processMode ?? 'chat';
-        const resultRecord = result;
-        const derivedRequestId = typeof resultRecord.requestId === 'string'
-            ? resultRecord.requestId
-            : input.requestId;
-        const llmsEngineShadowEnabled = !isInternalFollowup &&
-            isLlmsEngineShadowEnabledForSubpath(this.llmsEngineShadowConfig, 'conversion/hub/pipeline');
-        if (llmsEngineShadowEnabled) {
-            // Fail fast: if shadow is enabled for this module, engine core must be available.
-            await this.ensureHubPipelineEngineShadow();
-        }
-        const wantsLlmsEngineShadow = llmsEngineShadowEnabled &&
-            shouldRunLlmsEngineShadowForSubpath(this.llmsEngineShadowConfig, 'conversion/hub/pipeline');
-        // Unified Hub Framework V1: runtime black-box shadow compare (baseline policy vs current policy).
-        // - baseline payload is computed in the SAME hub pipeline execution (single-pass)
-        // - only writes errorsample when diff exists
-        try {
-            const shadow = result.metadata?.hubShadowCompare;
-            const baselineProviderPayload = shadow && typeof shadow === 'object' && !Array.isArray(shadow)
-                ? shadow.baselineProviderPayload
-                : undefined;
-            if (wantsShadowCompare && baselineProviderPayload && typeof baselineProviderPayload === 'object') {
-                const entryEndpoint = String(input.entryEndpoint || '/v1/chat/completions');
-                const routeHint = typeof metadata.routeHint === 'string'
-                    ? String(metadata.routeHint)
-                    : undefined;
-                const excludedProviderKeys = Array.isArray(metadata.excludedProviderKeys)
-                    ? metadata.excludedProviderKeys
-                    : [];
-                const cloneJsonSafe = (value) => {
-                    try {
-                        return JSON.parse(JSON.stringify(value));
-                    }
-                    catch {
-                        return value;
-                    }
-                };
-                const candidateOut = {
-                    providerPayload: cloneJsonSafe(result.providerPayload),
-                    target: cloneJsonSafe(result.target),
-                    metadata: {
-                        entryEndpoint: result.metadata?.entryEndpoint,
-                        providerProtocol: result.metadata?.providerProtocol,
-                        processMode: result.metadata?.processMode,
-                        stream: result.metadata?.stream,
-                        routeHint: result.metadata?.routeHint
-                    }
-                };
-                void (async () => {
-                    try {
-                        const baselineOut = {
-                            providerPayload: cloneJsonSafe(baselineProviderPayload),
-                            target: shadow && typeof shadow === 'object' && !Array.isArray(shadow) && shadow.baselineTarget
-                                ? cloneJsonSafe(shadow.baselineTarget)
-                                : cloneJsonSafe(result.target),
-                            metadata: {
-                                entryEndpoint: result.metadata?.entryEndpoint,
-                                providerProtocol: result.metadata?.providerProtocol,
-                                processMode: result.metadata?.processMode,
-                                stream: result.metadata?.stream,
-                                routeHint: result.metadata?.routeHint
-                            }
-                        };
-                        await recordHubShadowCompareDiff({
-                            requestId: derivedRequestId,
-                            entryEndpoint,
-                            routeHint,
-                            excludedProviderKeys,
-                            baselineMode: this.hubShadowCompareConfig.baselineMode,
-                            candidateMode: typeof shadow?.candidateMode === 'string' ? shadow.candidateMode : (this.hubPolicyMode ?? undefined),
-                            baselineOut,
-                            candidateOut
-                        });
-                    }
-                    catch (error) {
-                        // eslint-disable-next-line no-console
-                        console.error('[unified-hub-shadow-runtime] baseline compare failed:', error);
-                    }
-                })();
-            }
-        }
-        catch {
-            // best-effort only
-        }
-        // llms-engine: runtime black-box shadow compare (TS vs engine) for hub pipeline.
-        if (wantsLlmsEngineShadow) {
-            const cloneJsonSafe = (value) => {
-                try {
-                    return JSON.parse(JSON.stringify(value));
-                }
-                catch {
-                    return value;
-                }
-            };
-            const entryEndpoint = String(input.entryEndpoint || '/v1/chat/completions');
-            const routeHint = typeof metadata.routeHint === 'string'
-                ? String(metadata.routeHint)
-                : undefined;
-            const baselineOut = {
-                providerPayload: cloneJsonSafe(result.providerPayload),
-                target: cloneJsonSafe(result.target),
-                metadata: {
-                    entryEndpoint: result.metadata?.entryEndpoint,
-                    providerProtocol: result.metadata?.providerProtocol,
-                    processMode: result.metadata?.processMode,
-                    stream: result.metadata?.stream,
-                    routeHint: result.metadata?.routeHint
-                }
-            };
-            void (async () => {
-                try {
-                    const shadowPipeline = await this.ensureHubPipelineEngineShadow();
-                    const shadowRequestId = `${input.requestId}__llms_engine_shadow`;
-                    const baseMeta = pipelineInput.metadata;
-                    const shadowInput = {
-                        ...pipelineInput,
-                        id: shadowRequestId,
-                        endpoint: input.entryEndpoint,
-                        metadata: {
-                            ...(baseMeta && typeof baseMeta === 'object' ? baseMeta : {}),
-                            __llmsEngineShadow: { baselineRequestId: derivedRequestId, entryEndpoint, routeHint }
-                        },
-                        payload: cloneJsonSafe(payload)
-                    };
-                    const shadowResult = await shadowPipeline.execute(shadowInput);
-                    if (!shadowResult?.providerPayload || !shadowResult?.target) {
-                        return;
-                    }
-                    const candidateOut = {
-                        providerPayload: cloneJsonSafe(shadowResult.providerPayload),
-                        target: cloneJsonSafe(shadowResult.target),
-                        metadata: {
-                            entryEndpoint: shadowResult.metadata?.entryEndpoint,
-                            providerProtocol: shadowResult.metadata?.providerProtocol,
-                            processMode: shadowResult.metadata?.processMode,
-                            stream: shadowResult.metadata?.stream,
-                            routeHint: shadowResult.metadata?.routeHint
-                        }
-                    };
-                    await recordLlmsEngineShadowDiff({
-                        group: 'hub-pipeline',
-                        requestId: derivedRequestId,
-                        subpath: 'conversion/hub/pipeline',
-                        baselineImpl: 'ts',
-                        candidateImpl: 'engine',
-                        baselineOut,
-                        candidateOut
-                    });
-                }
-                catch (error) {
-                    // eslint-disable-next-line no-console
-                    console.error('[llms-engine-shadow] hub pipeline shadow failed:', error);
-                }
-            })();
-        }
-        return {
-            requestId: derivedRequestId,
-            providerPayload: result.providerPayload,
-            standardizedRequest: result.standardizedRequest && typeof result.standardizedRequest === 'object'
-                ? result.standardizedRequest
-                : undefined,
-            processedRequest: result.processedRequest && typeof result.processedRequest === 'object'
-                ? result.processedRequest
-                : undefined,
-            target: result.target,
-            routingDecision: result.routingDecision ?? undefined,
-            processMode,
-            metadata: result.metadata ?? {}
-        };
-    }
-    buildRequestMetadata(input) {
-        const userMeta = asRecord(input.metadata);
-        const headers = asRecord(input.headers);
-        const inboundUserAgent = this.extractHeaderValue(headers, 'user-agent');
-        const inboundOriginator = this.extractHeaderValue(headers, 'originator');
-        const resolvedUserAgent = typeof userMeta.userAgent === 'string' && userMeta.userAgent.trim()
-            ? userMeta.userAgent.trim()
-            : inboundUserAgent;
-        const resolvedOriginator = typeof userMeta.clientOriginator === 'string' && userMeta.clientOriginator.trim()
-            ? userMeta.clientOriginator.trim()
-            : inboundOriginator;
-        const routeHint = this.extractRouteHint(input) ?? userMeta.routeHint;
-        const processMode = userMeta.processMode || 'chat';
-        const runtimeFromUser = asRecord(userMeta.runtime);
-        const llmsVersion = resolveLlmswitchCoreVersion();
-        const metadata = {
-            ...userMeta,
-            entryEndpoint: input.entryEndpoint,
-            processMode,
-            direction: 'request',
-            stage: 'inbound',
-            routeHint,
-            stream: userMeta.stream === true,
-            runtime: {
-                ...(runtimeFromUser ?? {}),
-                routecodex: {
-                    version: buildInfo.version,
-                    mode: buildInfo.mode
-                },
-                llmswitchCore: llmsVersion ? { version: llmsVersion } : undefined,
-                node: { version: process.version }
-            },
-            ...(resolvedUserAgent ? { userAgent: resolvedUserAgent } : {}),
-            ...(resolvedOriginator ? { clientOriginator: resolvedOriginator } : {})
-        };
-        // 将原始客户端请求头快照到 metadata.clientHeaders，便于 llmswitch-core
-        // 的 extractSessionIdentifiersFromMetadata 从中解析 session_id / conversation_id。
-        if (!metadata.clientHeaders && headers && Object.keys(headers).length) {
-            const clientHeaders = {};
-            for (const [key, value] of Object.entries(headers)) {
-                if (typeof value === 'string') {
-                    const trimmed = value.trim();
-                    if (trimmed) {
-                        clientHeaders[key] = trimmed;
-                    }
-                }
-                else if (Array.isArray(value) && value.length) {
-                    const first = String(value[0]).trim();
-                    if (first) {
-                        clientHeaders[key] = first;
-                    }
-                }
-            }
-            if (Object.keys(clientHeaders).length) {
-                metadata.clientHeaders = clientHeaders;
-            }
-        }
-        // 在 Host 入口统一解析会话标识，后续 HubPipeline / servertool 等模块仅依赖
-        // sessionId / conversationId 字段，不再重复解析 clientHeaders。
-        const identifiers = extractSessionIdentifiersFromMetadata(metadata);
-        if (identifiers.sessionId) {
-            metadata.sessionId = identifiers.sessionId;
-        }
-        if (identifiers.conversationId) {
-            metadata.conversationId = identifiers.conversationId;
-        }
-        return metadata;
-    }
-    extractHeaderValue(headers, name) {
-        if (!headers) {
-            return undefined;
-        }
-        const target = name.toLowerCase();
-        for (const [key, value] of Object.entries(headers)) {
-            if (key.toLowerCase() !== target) {
-                continue;
-            }
-            if (typeof value === 'string') {
-                return value.trim() || undefined;
-            }
-            if (Array.isArray(value) && value.length) {
-                return String(value[0]).trim() || undefined;
-            }
-            return undefined;
-        }
-        return undefined;
-    }
-    extractRouteHint(input) {
-        const header = input.headers['x-route-hint'];
-        if (typeof header === 'string' && header.trim()) {
-            return header.trim();
-        }
-        if (Array.isArray(header) && header[0]) {
-            return String(header[0]);
-        }
-        return undefined;
-    }
-    extractResponseStatus(response) {
-        if (!response || typeof response !== 'object') {
-            return undefined;
-        }
-        const candidate = response.status;
-        return typeof candidate === 'number' ? candidate : undefined;
-    }
-    normalizeProviderResponse(response) {
-        const status = this.extractResponseStatus(response);
-        const headers = this.normalizeProviderResponseHeaders(response && typeof response === 'object' ? response.headers : undefined);
-        const body = response && typeof response === 'object' && 'data' in response
-            ? response.data
-            : response;
-        return { status, headers, body };
-    }
-    normalizeProviderResponseHeaders(headers) {
-        if (!headers || typeof headers !== 'object') {
-            return undefined;
-        }
-        const normalized = {};
-        for (const [key, value] of Object.entries(headers)) {
-            if (typeof value === 'string') {
-                normalized[key.toLowerCase()] = value;
-            }
-        }
-        return Object.keys(normalized).length ? normalized : undefined;
-    }
-    extractUsageFromResult(result, metadata) {
-        const candidates = [];
-        if (metadata && typeof metadata === 'object') {
-            const bag = metadata;
-            if (bag.usage) {
-                candidates.push(bag.usage);
-            }
-        }
-        if (result.body && typeof result.body === 'object') {
-            const body = result.body;
-            if (body.usage) {
-                candidates.push(body.usage);
-            }
-            if (body.response && typeof body.response === 'object') {
-                const responseNode = body.response;
-                if (responseNode.usage) {
-                    candidates.push(responseNode.usage);
-                }
-            }
-        }
-        for (const candidate of candidates) {
-            const normalized = this.normalizeUsage(candidate);
-            if (normalized) {
-                return normalized;
-            }
-        }
-        return undefined;
-    }
-    normalizeUsage(value) {
-        if (!value || typeof value !== 'object') {
-            return undefined;
-        }
-        const record = value;
-        const prompt = typeof record.prompt_tokens === 'number'
-            ? record.prompt_tokens
-            : typeof record.input_tokens === 'number'
-                ? record.input_tokens
-                : undefined;
-        const completion = typeof record.completion_tokens === 'number'
-            ? record.completion_tokens
-            : typeof record.output_tokens === 'number'
-                ? record.output_tokens
-                : undefined;
-        let total = typeof record.total_tokens === 'number'
-            ? record.total_tokens
-            : undefined;
-        if (total === undefined && prompt !== undefined && completion !== undefined) {
-            total = prompt + completion;
-        }
-        if (prompt === undefined && completion === undefined && total === undefined) {
-            return undefined;
-        }
-        return {
-            prompt_tokens: prompt,
-            completion_tokens: completion,
-            total_tokens: total
-        };
-    }
-    async convertProviderResponseIfNeeded(options) {
-        const body = options.response.body;
-        if (body && typeof body === 'object') {
-            const wrapperError = this.extractSseWrapperError(body);
-            if (wrapperError) {
-                const codeSuffix = wrapperError.errorCode ? ` [${wrapperError.errorCode}]` : '';
-                const error = new Error(`Upstream SSE error event${codeSuffix}: ${wrapperError.message}`);
-                error.code = 'SSE_DECODE_ERROR';
-                if (wrapperError.errorCode) {
-                    error.upstreamCode = wrapperError.errorCode;
-                }
-                error.retryable = wrapperError.retryable;
-                if (wrapperError.retryable) {
-                    error.status = 503;
-                    error.statusCode = 503;
-                }
-                throw error;
-            }
-        }
-        if (options.processMode === 'passthrough' && !options.wantsStream) {
-            return options.response;
-        }
-        const entry = (options.entryEndpoint || '').toLowerCase();
-        const needsAnthropicConversion = entry.includes('/v1/messages');
-        const needsResponsesConversion = entry.includes('/v1/responses');
-        const needsChatConversion = entry.includes('/v1/chat/completions');
-        if (!needsAnthropicConversion && !needsResponsesConversion && !needsChatConversion) {
-            return options.response;
-        }
-        if (!body || typeof body !== 'object') {
-            return options.response;
-        }
-        try {
-            const providerProtocol = mapProviderProtocol(options.providerType);
-            const metadataBag = asRecord(options.pipelineMetadata);
-            const originalModelId = this.extractClientModelId(metadataBag, options.originalRequest);
-            const assignedModelId = typeof metadataBag?.assignedModelId === 'string'
-                ? String(metadataBag.assignedModelId)
-                : metadataBag &&
-                    typeof metadataBag === 'object' &&
-                    metadataBag.target &&
-                    typeof metadataBag.target === 'object' &&
-                    typeof metadataBag.target.modelId === 'string'
-                    ? metadataBag.target.modelId
-                    : typeof metadataBag?.modelId === 'string'
-                        ? String(metadataBag.modelId)
-                        : undefined;
-            // 以 HubPipeline metadata 为基础构建 AdapterContext，确保诸如
-            // capturedChatRequest / webSearch / routeHint 等字段在响应侧可见，
-            // 便于 llmswitch-core 内部实现 servertool/web_search 的第三跳。
-            const baseContext = {
-                ...(metadataBag ?? {})
-            };
-            if (baseContext.capturedChatRequest === undefined &&
-                options.originalRequest &&
-                typeof options.originalRequest === 'object' &&
-                !Array.isArray(options.originalRequest)) {
-                baseContext.capturedChatRequest = options.originalRequest;
-            }
-            // 将 HubPipeline metadata.routeName 映射为 AdapterContext.routeId，
-            // 便于 llmswitch-core 在第三跳中使用 routeHint 复用首次路由决策。
-            if (typeof metadataBag?.routeName === 'string') {
-                baseContext.routeId = metadataBag.routeName;
-            }
-            baseContext.requestId = options.requestId;
-            baseContext.entryEndpoint = options.entryEndpoint || entry;
-            baseContext.providerProtocol = providerProtocol;
-            baseContext.originalModelId = originalModelId;
-            if (assignedModelId && assignedModelId.trim()) {
-                baseContext.modelId = assignedModelId.trim();
-            }
-            const adapterContext = baseContext;
-            const compatProfile = typeof metadataBag?.compatibilityProfile === 'string'
-                ? String(metadataBag.compatibilityProfile)
-                : metadataBag &&
-                    typeof metadataBag === 'object' &&
-                    metadataBag.target &&
-                    typeof metadataBag.target === 'object' &&
-                    typeof metadataBag.target.compatibilityProfile === 'string'
-                    ? metadataBag.target.compatibilityProfile
-                    : undefined;
-            if (compatProfile && compatProfile.trim()) {
-                adapterContext.compatibilityProfile = compatProfile.trim();
-            }
-            const stageRecorder = await bridgeCreateSnapshotRecorder(adapterContext, typeof adapterContext.entryEndpoint === 'string'
-                ? adapterContext.entryEndpoint
-                : options.entryEndpoint || entry);
-            const providerInvoker = async (invokeOptions) => {
-                const runtimeKey = this.providerKeyToRuntimeKey.get(invokeOptions.providerKey) || invokeOptions.providerKey;
-                const handle = this.providerHandles.get(runtimeKey);
-                if (!handle) {
-                    throw new Error(`Provider runtime ${runtimeKey} not found`);
-                }
-                const providerResponse = await handle.instance.processIncoming(invokeOptions.payload);
-                const normalized = this.normalizeProviderResponse(providerResponse);
-                const bodyPayload = normalized.body && typeof normalized.body === 'object'
-                    ? normalized.body
-                    : normalized;
-                return { providerResponse: bodyPayload };
-            };
-            const reenterPipeline = async (reenterOpts) => {
-                const nestedEntry = reenterOpts.entryEndpoint || options.entryEndpoint || entry;
-                const nestedExtra = asRecord(reenterOpts.metadata) ?? {};
-                // 基于首次 HubPipeline metadata + 调用方注入的 metadata 构建新的请求 metadata。
-                // 不在 Host 层编码 servertool/web_search 等语义，由 llmswitch-core 负责。
-                const nestedMetadata = {
-                    ...(metadataBag ?? {}),
-                    ...nestedExtra,
-                    entryEndpoint: nestedEntry,
-                    direction: 'request',
-                    stage: 'inbound'
-                };
-                // servertool followup 是内部二跳请求：不应继承客户端 headers 偏好（尤其是 Accept），
-                // 否则会导致上游返回非 SSE 响应而被当作 SSE 解析，出现“空回复”。
-                // E1: merge internal runtime metadata carrier (`__rt`) instead of clobbering it.
-                try {
-                    const baseRt = asRecord(metadataBag?.__rt) ?? {};
-                    const extraRt = asRecord(nestedExtra?.__rt) ?? {};
-                    if (Object.keys(baseRt).length || Object.keys(extraRt).length) {
-                        nestedMetadata.__rt = { ...baseRt, ...extraRt };
-                    }
-                }
-                catch {
-                    // best-effort
-                }
-                if (asRecord(nestedMetadata.__rt)?.serverToolFollowup === true) {
-                    delete nestedMetadata.clientHeaders;
-                    delete nestedMetadata.clientRequestId;
-                }
-                const nestedInput = {
-                    entryEndpoint: nestedEntry,
-                    method: 'POST',
-                    requestId: reenterOpts.requestId,
-                    headers: {},
-                    query: {},
-                    body: reenterOpts.body,
-                    metadata: nestedMetadata
-                };
-                const nestedResult = await this.executePipeline(nestedInput);
-                const nestedBody = nestedResult.body && typeof nestedResult.body === 'object'
-                    ? nestedResult.body
-                    : undefined;
-                return { body: nestedBody };
-            };
-            const converted = await bridgeConvertProviderResponse({
-                providerProtocol,
-                providerResponse: body,
-                context: adapterContext,
-                entryEndpoint: options.entryEndpoint || entry,
-                wantsStream: options.wantsStream,
-                requestSemantics: options.requestSemantics,
-                providerInvoker,
-                stageRecorder,
-                reenterPipeline
-            });
-            if (converted.__sse_responses) {
-                return {
-                    ...options.response,
-                    body: { __sse_responses: converted.__sse_responses }
-                };
-            }
-            return {
-                ...options.response,
-                body: converted.body ?? body
-            };
-        }
-        catch (error) {
-            const err = error;
-            const message = err instanceof Error ? err.message : String(err ?? 'Unknown error');
-            const errRecord = err;
-            const errCode = typeof errRecord.code === 'string' ? errRecord.code : undefined;
-            const errName = typeof errRecord.name === 'string' ? errRecord.name : undefined;
-            const statusCandidate = typeof errRecord.status === 'number'
-                ? errRecord.status
-                : typeof errRecord.statusCode === 'number'
-                    ? errRecord.statusCode
-                    : undefined;
-            const isSseDecodeError = errCode === 'SSE_DECODE_ERROR' ||
-                (errName === 'ProviderProtocolError' && message.toLowerCase().includes('sse'));
-            const isServerToolFollowupError = errCode === 'SERVERTOOL_FOLLOWUP_FAILED' ||
-                errCode === 'SERVERTOOL_EMPTY_FOLLOWUP' ||
-                (typeof errCode === 'string' && errCode.startsWith('SERVERTOOL_'));
-            const isProviderProtocolError = errName === 'ProviderProtocolError';
-            // If we need to stream a client response, conversion failures are fatal: there is no safe fallback
-            // that preserves protocol correctness.
-            const isStreamingConversion = Boolean(options.wantsStream && (needsAnthropicConversion || needsResponsesConversion || needsChatConversion));
-            if (isSseDecodeError || isServerToolFollowupError || isStreamingConversion || (isProviderProtocolError && typeof statusCandidate === 'number')) {
-                console.error('[RouteCodexHttpServer] Fatal conversion error, bubbling as HTTP error', error);
-                throw error;
-            }
-            console.error('[RouteCodexHttpServer] Failed to convert provider response via llmswitch-core', error);
-            return options.response;
-        }
-    }
-    extractSseWrapperError(payload) {
-        return this.findSseWrapperError(payload, 2);
-    }
-    findSseWrapperError(record, depth) {
-        if (!record || typeof record !== 'object' || depth < 0) {
-            return undefined;
-        }
-        if (record.mode === 'sse') {
-            const normalized = this.normalizeSseWrapperErrorValue(record.error, depth);
-            if (normalized) {
-                return normalized;
-            }
-        }
-        const nestedKeys = ['body', 'data', 'payload', 'response'];
-        for (const key of nestedKeys) {
-            const nested = record[key];
-            if (!nested || typeof nested !== 'object' || Array.isArray(nested)) {
-                continue;
-            }
-            const found = this.findSseWrapperError(nested, depth - 1);
-            if (found) {
-                return found;
-            }
-        }
-        return undefined;
-    }
-    normalizeSseWrapperErrorValue(value, depth) {
-        if (value === undefined || value === null || depth < 0) {
-            return undefined;
-        }
-        if (typeof value === 'string') {
-            const trimmed = value.trim();
-            if (!trimmed) {
-                return undefined;
-            }
-            if (depth > 0 && (trimmed.startsWith('{') || trimmed.startsWith('['))) {
-                try {
-                    const parsed = JSON.parse(trimmed);
-                    const parsedInfo = this.normalizeSseWrapperErrorValue(parsed, depth - 1);
-                    if (parsedInfo) {
-                        return parsedInfo;
-                    }
-                }
-                catch {
-                    // fallback to raw string
-                }
-            }
-            return {
-                message: trimmed,
-                retryable: isRetryableSseWrapperError(trimmed)
-            };
-        }
-        if (typeof value !== 'object' || Array.isArray(value)) {
-            return undefined;
-        }
-        const record = value;
-        const directMessage = firstNonEmptyString([
-            record.message,
-            record.error_message,
-            record.errorMessage
-        ]);
-        const directCode = firstNonEmptyString([
-            record.code,
-            record.error_code,
-            record.errorCode,
-            record.type
-        ]);
-        const directStatus = firstFiniteNumber([
-            record.status,
-            record.statusCode,
-            record.status_code,
-            record.http_status
-        ]);
-        if (depth > 0) {
-            for (const key of ['error', 'data', 'payload', 'details', 'body', 'response']) {
-                const nestedInfo = this.normalizeSseWrapperErrorValue(record[key], depth - 1);
-                if (nestedInfo) {
-                    const mergedCode = nestedInfo.errorCode ?? directCode;
-                    const retryable = nestedInfo.retryable || isRetryableSseWrapperError(nestedInfo.message, mergedCode, directStatus);
-                    return {
-                        message: nestedInfo.message,
-                        ...(mergedCode ? { errorCode: mergedCode } : {}),
-                        retryable
-                    };
-                }
-            }
-        }
-        if (directMessage) {
-            return {
-                message: directMessage,
-                ...(directCode ? { errorCode: directCode } : {}),
-                retryable: isRetryableSseWrapperError(directMessage, directCode, directStatus)
-            };
-        }
-        try {
-            const serialized = JSON.stringify(record);
-            if (serialized && serialized !== '{}') {
-                return {
-                    message: serialized,
-                    ...(directCode ? { errorCode: directCode } : {}),
-                    retryable: isRetryableSseWrapperError(serialized, directCode, directStatus)
-                };
-            }
-        }
-        catch {
-            // ignore stringify failures
-        }
-        return undefined;
-    }
-    extractClientModelId(metadata, originalRequest) {
-        const candidates = [
-            metadata.clientModelId,
-            metadata.originalModelId,
-            (metadata.target && typeof metadata.target === 'object'
-                ? metadata.target.clientModelId
-                : undefined),
-            originalRequest && typeof originalRequest === 'object'
-                ? originalRequest.model
-                : undefined,
-            originalRequest && typeof originalRequest === 'object'
-                ? originalRequest.originalModelId
-                : undefined
-        ];
-        for (const candidate of candidates) {
-            if (typeof candidate === 'string' && candidate.trim()) {
-                return candidate.trim();
-            }
-        }
-        return undefined;
-    }
-    cloneRequestPayload(payload) {
-        if (!payload || typeof payload !== 'object') {
-            return undefined;
-        }
-        try {
-            return JSON.parse(JSON.stringify(payload));
-        }
-        catch {
-            return undefined;
+        const legacyRunHubPipeline = this.runHubPipeline;
+        if (Object.prototype.hasOwnProperty.call(this, 'runHubPipeline') &&
+            typeof legacyRunHubPipeline === 'function') {
+            return await executePipelineViaLegacyOverride(this, input, legacyRunHubPipeline);
         }
+        return await this.requestExecutor.execute(input);
     }
     async initializeRouteErrorHub() {
-        try {
-            this.routeErrorHub = initializeRouteErrorHub({ errorHandlingCenter: this.errorHandling });
-            await this.routeErrorHub.initialize();
-        }
-        catch (error) {
-            console.error('[RouteCodexHttpServer] Failed to initialize RouteErrorHub', error);
-        }
+        await initializeRouteErrorHub(this);
     }
 }
 function createNoopPipelineLogger() {
@@ -2798,9 +320,8 @@ function createNoopPipelineLogger() {
         getProviderLogs: () => emptyList(),
         getStatistics: emptyStats,
         clearLogs: noop,
-        exportLogs: () => ([]),
+        exportLogs: () => [],
         log: noop
     };
 }
-import { formatErrorForErrorCenter } from '../../../utils/error-center-payload.js';
 //# sourceMappingURL=index.js.map