@nordbyte/nordrelay 0.6.0 → 0.8.0

package/dist/web-dashboard-pages.js

@@ -123,6 +123,7 @@ export function renderDashboardApp() {
         </div>
         <div class="header-actions">
           <span id="connectionStatus" class="badge">Connecting</span>
+          <select id="peerSelect" title="NordRelay target"></select>
           <select id="agentSelect"></select>
           <button id="themeBtn" class="secondary" title="Toggle dark theme">Dark</button>
           <button id="refreshBtn">Refresh</button>
@@ -208,7 +209,7 @@ export function renderDashboardApp() {
 
       <section class="page" id="page-activity">
         <div class="panel">
-          <div class="row"><select id="activitySource"><option value="all">All sources</option><option value="web">Web</option><option value="telegram">Telegram</option><option value="discord">Discord</option><option value="cli">CLI</option></select><select id="activityCategory"><option value="all">All categories</option><option value="prompt">Prompt</option><option value="session">Session</option><option value="queue">Queue</option><option value="agent-update">Agent update</option><option value="artifact">Artifact</option><option value="system">System</option><option value="auth">Auth</option><option value="security">Security</option><option value="tool">Tool</option></select><select id="activityStatus"><option value="all">All statuses</option><option value="queued">Queued</option><option value="running">Running</option><option value="completed">Completed</option><option value="failed">Failed</option><option value="aborted">Aborted</option><option value="info">Info</option></select><input id="activityActor" placeholder="Actor"><input id="activityAgent" placeholder="Agent"><input id="activityThread" placeholder="Thread ID"><input id="activityWorkspace" placeholder="Workspace"><input id="activityType" placeholder="Type"><input id="activitySince" type="datetime-local"><input id="activityLimit" type="number" value="100" min="1" max="500"><button id="loadActivityBtn">Load activity</button><button id="exportActivityBtn" class="secondary">Export</button></div>
+          <div class="row"><select id="activitySource"><option value="all">All sources</option><option value="web">Web</option><option value="telegram">Telegram</option><option value="discord">Discord</option><option value="slack">Slack</option><option value="cli">CLI</option></select><select id="activityCategory"><option value="all">All categories</option><option value="prompt">Prompt</option><option value="session">Session</option><option value="queue">Queue</option><option value="agent-update">Agent update</option><option value="artifact">Artifact</option><option value="system">System</option><option value="auth">Auth</option><option value="security">Security</option><option value="tool">Tool</option></select><select id="activityStatus"><option value="all">All statuses</option><option value="queued">Queued</option><option value="running">Running</option><option value="completed">Completed</option><option value="failed">Failed</option><option value="aborted">Aborted</option><option value="info">Info</option></select><input id="activityActor" placeholder="Actor"><input id="activityAgent" placeholder="Agent"><input id="activityThread" placeholder="Thread ID"><input id="activityWorkspace" placeholder="Workspace"><input id="activityType" placeholder="Type"><input id="activitySince" type="datetime-local"><input id="activityLimit" type="number" value="100" min="1" max="500"><button id="loadActivityBtn">Load activity</button><button id="exportActivityBtn" class="secondary">Export</button></div>
           <div id="activityList" class="list"></div>
         </div>
       </section>
@@ -225,17 +226,31 @@ export function renderDashboardApp() {
         <div class="panel">
           <div class="row"><button id="reloadAdaptersBtn">Reload adapters</button></div>
           <div id="adapterHealth" class="list"></div>
+          <h2 class="task-section-title">Adapter Conformance</h2>
+          <div id="adapterConformance" class="list"></div>
+        </div>
+      </section>
+
+      <section class="page" id="page-peers">
+        <div class="panel">
+          <div class="row"><button id="loadPeersBtn">Reload peers</button><button id="createPeerInviteBtn">Create invite</button><button id="addPeerBtn" class="secondary">Add peer</button></div>
+          <div id="peerStatus" class="list"></div>
+          <h2>Configured peers</h2>
+          <div id="peersList" class="list"></div>
+          <h2>Open invitations</h2>
+          <div id="peerInvites" class="list"></div>
         </div>
       </section>
 
       <section class="page" id="page-access">
         <div class="panel">
-          <div class="row"><button id="loadAccessBtn">Reload users</button><button id="createUserBtn">Create user</button><button id="createGroupBtn" class="secondary">Create group</button><button id="createChatBtn" class="secondary">Add Telegram chat</button><button id="createDiscordChannelBtn" class="secondary">Add Discord channel</button><button id="lockSessionBtn" class="secondary">Lock web session</button><button id="unlockSessionBtn" class="secondary">Unlock web session</button></div>
+          <div class="row"><button id="loadAccessBtn">Reload users</button><button id="createUserBtn">Create user</button><button id="createGroupBtn" class="secondary">Create group</button><button id="createChatBtn" class="secondary">Add Telegram chat</button><button id="createDiscordChannelBtn" class="secondary">Add Discord channel</button><button id="createSlackChannelBtn" class="secondary">Add Slack channel</button><button id="lockSessionBtn" class="secondary">Lock web session</button><button id="unlockSessionBtn" class="secondary">Unlock web session</button></div>
           <div id="accessTabs" class="tabs access-tabs">
             <button type="button" data-access-tab="users" class="active">Users</button>
             <button type="button" data-access-tab="groups">Groups</button>
             <button type="button" data-access-tab="telegram">Telegram</button>
             <button type="button" data-access-tab="discord">Discord</button>
+            <button type="button" data-access-tab="slack">Slack</button>
             <button type="button" data-access-tab="locks">Locks</button>
             <button type="button" data-access-tab="audit">Audit</button>
           </div>
@@ -257,13 +272,20 @@ export function renderDashboardApp() {
             </div>
             <div id="discordChannelsList" class="list"></div>
           </div>
+          <div class="access-tab" data-access-tab-panel="slack">
+            <div class="access-tab-heading">
+              <h2>Slack channels</h2>
+              <input id="slackChannelSearch" placeholder="Search Slack channels">
+            </div>
+            <div id="slackChannelsList" class="list"></div>
+          </div>
           <div class="access-tab" data-access-tab-panel="locks">
             <h2>Locks</h2>
             <div id="locksList" class="list"></div>
           </div>
           <div class="access-tab" data-access-tab-panel="audit">
             <h2>Audit</h2>
-            <div class="row"><select id="auditChannel"><option value="all">All channels</option><option value="web">Web</option><option value="telegram">Telegram</option><option value="discord">Discord</option></select><select id="auditCategory"><option value="all">All categories</option><option value="prompt">Prompt</option><option value="session">Session</option><option value="queue">Queue</option><option value="agent-update">Agent update</option><option value="artifact">Artifact</option><option value="system">System</option><option value="auth">Auth</option><option value="security">Security</option><option value="tool">Tool</option></select><select id="auditStatus"><option value="all">All statuses</option><option value="ok">OK</option><option value="failed">Failed</option><option value="denied">Denied</option></select><input id="auditActor" placeholder="Actor"><input id="auditAgent" placeholder="Agent"><input id="auditThread" placeholder="Thread ID"><input id="auditWorkspace" placeholder="Workspace"><input id="auditSince" type="datetime-local"><input id="auditLimit" type="number" value="50" min="1" max="500"><button id="loadAuditBtn">Load audit</button><button id="exportAuditBtn" class="secondary">Export</button></div>
+            <div class="row"><select id="auditChannel"><option value="all">All channels</option><option value="web">Web</option><option value="telegram">Telegram</option><option value="discord">Discord</option><option value="slack">Slack</option></select><select id="auditCategory"><option value="all">All categories</option><option value="prompt">Prompt</option><option value="session">Session</option><option value="queue">Queue</option><option value="agent-update">Agent update</option><option value="artifact">Artifact</option><option value="system">System</option><option value="auth">Auth</option><option value="security">Security</option><option value="tool">Tool</option></select><select id="auditStatus"><option value="all">All statuses</option><option value="ok">OK</option><option value="failed">Failed</option><option value="denied">Denied</option></select><input id="auditActor" placeholder="Actor"><input id="auditAgent" placeholder="Agent"><input id="auditThread" placeholder="Thread ID"><input id="auditWorkspace" placeholder="Workspace"><input id="auditSince" type="datetime-local"><input id="auditLimit" type="number" value="50" min="1" max="500"><button id="loadAuditBtn">Load audit</button><button id="exportAuditBtn" class="secondary">Export</button></div>
             <div id="auditList" class="list"></div>
           </div>
         </div>
@@ -280,7 +302,7 @@ export function renderDashboardApp() {
 
       <section class="page" id="page-settings">
         <div class="panel">
-          <div class="row"><button id="saveSettingsBtn">Save settings</button><button id="restartBtn" class="secondary">Restart NordRelay</button><span id="settingsStatus"></span></div>
+          <div class="row"><button id="saveSettingsBtn">Save settings</button><button id="settingsWizardBtn" class="secondary">Setup wizard</button><button id="restartBtn" class="secondary">Restart NordRelay</button><span id="settingsStatus"></span></div>
           <div id="settingsTabs" class="tabs"></div>
           <div id="settingsForm" class="settings-grid"></div>
         </div>

package/dist/web-dashboard-peer-routes.js

@@ -0,0 +1,225 @@
+import { isPermission } from "./access-control.js";
+import { AGENT_IDS, isAgentId } from "./agent.js";
+import { ensurePeerTlsFiles, loadOrCreatePeerIdentity, } from "./peer-identity.js";
+import { checkPeerEndpoint, pairPeer, RemoteRelayClient } from "./peer-client.js";
+import { buildPeerReadiness, peerListenUrl } from "./peer-readiness.js";
+import { PeerStore } from "./peer-store.js";
+import { publicPeer } from "./peer-types.js";
+import { arrayStringField, objectRecord, optionalBooleanField, optionalNumberField, optionalStringField, readJsonBody, sendJson, } from "./web-dashboard-http.js";
+export async function handleDashboardPeerRoute(req, res, url, options) {
+    const store = new PeerStore(options.home);
+    const identity = loadOrCreatePeerIdentity(options.home, options.config.peerName);
+    const tls = options.config.peerTlsEnabled ? ensurePeerTlsFiles(options.home, identity.public) : null;
+    if (req.method === "GET" && url.pathname === "/api/peers") {
+        const readiness = await buildPeerReadiness(options.config);
+        sendJson(res, 200, store.snapshot(identity.public, {
+            enabled: options.config.peerEnabled,
+            listenUrl: readiness.listenUrl,
+            requireTls: options.config.peerRequireTls,
+            readiness,
+        }));
+        return true;
+    }
+    if (req.method === "POST" && url.pathname === "/api/peers/invite") {
+        const body = await readJsonBody(req);
+        const readiness = await buildPeerReadiness(options.config);
+        const created = store.createInvitation({
+            name: optionalStringField(body, "name"),
+            expiresInMs: (optionalNumberField(body, "expiresMinutes") ?? 10) * 60 * 1000,
+            scopes: parseScopes(arrayStringField(body, "scopes")),
+            allowedAgents: parseAgents(arrayStringField(body, "allowedAgents")),
+            allowedWorkspaceRoots: arrayStringField(body, "allowedWorkspaceRoots"),
+            workspaceAliases: parseWorkspaceAliases(body.workspaceAliases),
+        });
+        const listenUrl = readiness.listenUrl;
+        const command = `nordrelay peer add ${listenUrl} --code ${created.code}`;
+        sendJson(res, 201, {
+            invitation: created.invitation,
+            code: created.code,
+            url: listenUrl,
+            fingerprint: identity.public.fingerprint,
+            tlsFingerprint: tls?.fingerprint,
+            command,
+            readiness,
+            warnings: readiness.warnings,
+        });
+        options.auditPeerAction?.("peer_invite_created", created.invitation.name);
+        return true;
+    }
+    if (req.method === "POST" && url.pathname === "/api/peers/probe") {
+        const body = await readJsonBody(req);
+        const readiness = await buildPeerReadiness(options.config);
+        const peerId = optionalStringField(body, "peerId");
+        if (peerId) {
+            const probe = await new RemoteRelayClient(store).rpc(peerId, "peer.probe", {}, options.activityActor);
+            sendJson(res, 200, { type: "remote", peerId, readiness, probe });
+            return true;
+        }
+        const expectedTlsFingerprint = options.config.peerPublicUrl ? undefined : tls?.fingerprint;
+        const probe = await checkPeerEndpoint(readiness.listenUrl, { expectedTlsFingerprint });
+        sendJson(res, 200, { type: "local", readiness, probe });
+        return true;
+    }
+    const invitationMatch = url.pathname.match(/^\/api\/peers\/invitations\/([^/]+)$/);
+    if (invitationMatch?.[1] && req.method === "DELETE") {
+        const invitation = store.deleteInvitation(decodeURIComponent(invitationMatch[1]));
+        sendJson(res, 200, { removed: Boolean(invitation), invitation });
+        if (invitation) {
+            options.auditPeerAction?.("peer_invite_deleted", `${invitation.name} (${invitation.id})`);
+        }
+        return true;
+    }
+    if (req.method === "POST" && (url.pathname === "/api/peers" || url.pathname === "/api/peers/pair")) {
+        const body = await readJsonBody(req);
+        const result = await pairPeer({
+            url: requiredString(body, "url"),
+            code: requiredString(body, "code"),
+            name: optionalStringField(body, "name"),
+            publicUrl: optionalStringField(body, "publicUrl"),
+        }, identity, store);
+        sendJson(res, 201, { peer: publicPeer(result.peer), tlsFingerprint: result.tlsFingerprint });
+        options.auditPeerAction?.("peer_paired", `${result.peer.name} (${result.peer.id})`);
+        return true;
+    }
+    const peerMatch = url.pathname.match(/^\/api\/peers\/([^/]+)$/);
+    if (peerMatch?.[1] && req.method === "PATCH") {
+        const body = await readJsonBody(req);
+        const peer = store.updatePeer(decodeURIComponent(peerMatch[1]), {
+            name: optionalStringField(body, "name"),
+            url: optionalStringField(body, "url"),
+            enabled: optionalBooleanField(body, "enabled"),
+            scopes: body.scopes === undefined ? undefined : parseScopes(arrayStringField(body, "scopes")),
+            allowedAgents: body.allowedAgents === undefined ? undefined : parseAgents(arrayStringField(body, "allowedAgents")),
+            allowedWorkspaceRoots: body.allowedWorkspaceRoots === undefined ? undefined : arrayStringField(body, "allowedWorkspaceRoots"),
+            workspaceAliases: body.workspaceAliases === undefined ? undefined : parseWorkspaceAliases(body.workspaceAliases),
+        });
+        sendJson(res, 200, { peer: publicPeer(peer) });
+        options.auditPeerAction?.("peer_updated", `${peer.name} (${peer.id})`);
+        return true;
+    }
+    if (req.method === "GET" && url.pathname === "/api/peers/global-sessions") {
+        const query = optionalStringField(Object.fromEntries(url.searchParams), "query") ?? "";
+        const agent = parseAgent(optionalStringField(Object.fromEntries(url.searchParams), "agent"));
+        const limit = Math.min(Math.max(Number(url.searchParams.get("limit") ?? 50), 1), 50);
+        const client = new RemoteRelayClient(store);
+        const targets = [];
+        if (options.runtime) {
+            targets.push({
+                peerId: "local",
+                peerName: "Local",
+                ok: true,
+                data: await options.runtime.listSessionsPage(1, limit, query, agent),
+            });
+        }
+        const peers = store.listPublic().filter((peer) => peer.enabled && peer.url);
+        const remoteTargets = await Promise.all(peers.map(async (peer) => {
+            try {
+                const data = await client.webProxy(peer.id, {
+                    method: "GET",
+                    path: "/api/sessions",
+                    query: { query, page: 1, limit, agent },
+                    body: {},
+                    contextKey: "web:dashboard",
+                }, options.activityActor, "web:dashboard");
+                return { peerId: peer.id, peerName: peer.name, ok: true, data };
+            }
+            catch (error) {
+                return { peerId: peer.id, peerName: peer.name, ok: false, error: error instanceof Error ? error.message : String(error) };
+            }
+        }));
+        sendJson(res, 200, { targets: [...targets, ...remoteTargets] });
+        return true;
+    }
+    if (peerMatch?.[1] && req.method === "DELETE") {
+        const peerId = decodeURIComponent(peerMatch[1]);
+        const removed = store.revokePeer(peerId);
+        sendJson(res, 200, { removed });
+        if (removed) {
+            options.auditPeerAction?.("peer_revoked", peerId);
+        }
+        return true;
+    }
+    const proxyMatch = url.pathname.match(/^\/api\/peers\/([^/]+)\/proxy$/);
+    if (proxyMatch?.[1] && req.method === "POST") {
+        const body = await readJsonBody(req);
+        const payload = parseProxyPayload(body);
+        const data = await new RemoteRelayClient(store).webProxy(decodeURIComponent(proxyMatch[1]), payload, options.activityActor, payload.contextKey);
+        sendJson(res, 200, data);
+        return true;
+    }
+    const healthMatch = url.pathname.match(/^\/api\/peers\/([^/]+)\/health$/);
+    if (healthMatch?.[1] && req.method === "GET") {
+        const peerId = decodeURIComponent(healthMatch[1]);
+        const data = await new RemoteRelayClient(store).rpc(peerId, "peer.ping", undefined, options.activityActor);
+        sendJson(res, 200, { data, peer: publicPeer(store.get(peerId)) });
+        return true;
+    }
+    const eventsMatch = url.pathname.match(/^\/api\/peers\/([^/]+)\/events$/);
+    if (eventsMatch?.[1] && req.method === "GET") {
+        res.writeHead(200, {
+            "content-type": "text/event-stream; charset=utf-8",
+            "cache-control": "no-cache, no-transform",
+            connection: "keep-alive",
+        });
+        const sourceContextKey = url.searchParams.get("contextKey") || undefined;
+        const subscription = new RemoteRelayClient(store).subscribe(decodeURIComponent(eventsMatch[1]), (event) => {
+            if (res.destroyed || res.writableEnded)
+                return;
+            res.write(`event: ${event.type}\n`);
+            res.write(`data: ${JSON.stringify(event)}\n\n`);
+        }, (error) => {
+            if (!res.destroyed && !res.writableEnded) {
+                res.write("event: status\n");
+                res.write(`data: ${JSON.stringify({ type: "status", level: "error", message: error.message, at: new Date().toISOString() })}\n\n`);
+            }
+        }, sourceContextKey);
+        const heartbeat = setInterval(() => {
+            if (!res.destroyed && !res.writableEnded)
+                res.write(": heartbeat\n\n");
+        }, 25_000);
+        heartbeat.unref?.();
+        req.on("close", () => {
+            clearInterval(heartbeat);
+            subscription.close();
+        });
+        return true;
+    }
+    return false;
+}
+function parseScopes(values) {
+    return values.filter(isPermission);
+}
+function parseAgents(values) {
+    const parsed = values.filter(isAgentId);
+    return parsed.length > 0 ? parsed : [...AGENT_IDS];
+}
+function parseAgent(value) {
+    return value && isAgentId(value) ? value : undefined;
+}
+function parseProxyPayload(body) {
+    return {
+        method: requiredString(body, "method"),
+        path: requiredString(body, "path"),
+        query: objectRecord(body.query),
+        body: objectRecord(body.body),
+        contextKey: optionalStringField(body, "contextKey"),
+    };
+}
+function parseWorkspaceAliases(value) {
+    if (typeof value === "string") {
+        return Object.fromEntries(value.split(",").map((item) => {
+            const [alias, workspace] = item.split("=", 2);
+            return [alias?.trim() ?? "", workspace?.trim() ?? ""];
+        }).filter(([alias, workspace]) => alias && workspace));
+    }
+    const record = objectRecord(value);
+    return Object.fromEntries(Object.entries(record).filter((entry) => typeof entry[1] === "string" && entry[0].trim().length > 0 && entry[1].trim().length > 0));
+}
+function requiredString(body, key) {
+    const value = body[key];
+    const text = typeof value === "string" ? value.trim() : "";
+    if (!text) {
+        throw new Error(`${key} is required.`);
+    }
+    return text;
+}

package/dist/web-dashboard-ui.js

@@ -8,6 +8,7 @@ export const DASHBOARD_PAGES = [
     { id: "activity", label: "Activity", permission: "sessions.read" },
     { id: "artifacts", label: "Artifacts", permission: "files.read" },
     { id: "adapters", label: "Adapters", permission: "inspect" },
+    { id: "peers", label: "Peers", permission: "peers.read" },
     { id: "access", label: "Users", permission: "users.read" },
     { id: "version", label: "Version", permission: "inspect" },
     { id: "settings", label: "Settings", permission: "settings.read" },

package/dist/web-dashboard.js

@@ -4,6 +4,7 @@ import os from "node:os";
 import path from "node:path";
 import { URL } from "node:url";
 import { enabledAgents } from "./agent-factory.js";
+import { buildAdapterConformanceMatrix } from "./adapter-conformance.js";
 import { listAgentAdapterDescriptors } from "./agent-adapter.js";
 import { isAgentId } from "./agent.js";
 import { AuditLogStore } from "./audit-log.js";
@@ -13,6 +14,7 @@ import { loadConfig } from "./config.js";
 import { friendlyErrorText } from "./error-messages.js";
 import { RelayRuntime } from "./relay-runtime.js";
 import { resolveDashboardEnvPath, SettingsService } from "./settings-service.js";
+import { mergeSettingsWizardTestSettings, runSettingsWizardTest } from "./settings-wizard-test.js";
 import { UserStore, publicUser } from "./user-management.js";
 import { handleDashboardAccessRoute } from "./web-dashboard-access-routes.js";
 import { handleDashboardArtifactRoute } from "./web-dashboard-artifact-routes.js";
@@ -21,6 +23,7 @@ import { objectRecord, optionalStringField, parseCookies, readJsonBody, sendJson
 import { renderDashboardApp, renderFirstRunSetupPage, renderLoginPage } from "./web-dashboard-pages.js";
 import { handleDashboardRuntimeRoute } from "./web-dashboard-runtime-routes.js";
 import { handleDashboardSessionRoute } from "./web-dashboard-session-routes.js";
+import { handleDashboardPeerRoute } from "./web-dashboard-peer-routes.js";
 const DEFAULT_HOME = path.join(os.homedir(), ".nordrelay");
 const options = parseOptions(process.argv.slice(2));
 const config = loadConfig();
@@ -160,6 +163,7 @@ async function handleApi(req, res, url, authUser) {
             auth: currentUserDto(authUser),
             channels: listChannelDescriptors(),
             agentAdapters: listAgentAdapterDescriptors().filter((adapter) => users.canUseAgent(authUser, adapter.id)),
+            adapterConformance: scopedAdapterConformance(authUser),
             enabledAgents: enabledAgents(config).filter((agentId) => users.canUseAgent(authUser, agentId)),
             controls: scopedControlOptions(authUser, await runtime.controlOptions()),
             status: await runtime.bootstrapStatus(),
@@ -172,6 +176,10 @@ async function handleApi(req, res, url, authUser) {
         sendJson(res, 200, scopedControlOptions(authUser, await runtime.controlOptions(agentId)));
         return;
     }
+    if (req.method === "GET" && url.pathname === "/api/adapters/conformance") {
+        sendJson(res, 200, scopedAdapterConformance(authUser));
+        return;
+    }
     if (await handleDashboardAccessRoute(req, res, url, {
         users,
         runtime,
@@ -180,6 +188,15 @@ async function handleApi(req, res, url, authUser) {
     })) {
         return;
     }
+    if (await handleDashboardPeerRoute(req, res, url, {
+        config,
+        home: options.home,
+        runtime,
+        activityActor: webActivityActor(authUser),
+        auditPeerAction: (action, description) => auditUserAction(authUser, action, description),
+    })) {
+        return;
+    }
     if (req.method === "GET" && url.pathname === "/api/settings") {
         sendJson(res, 200, await settings.snapshot(process.env, activeSettingsValues(config)));
         return;
@@ -189,6 +206,11 @@ async function handleApi(req, res, url, authUser) {
         sendJson(res, 200, await settings.update(objectRecord(body?.settings)));
         return;
     }
+    if (req.method === "POST" && url.pathname === "/api/settings/wizard/test") {
+        const body = await readJsonBody(req);
+        sendJson(res, 200, await runSettingsWizardTest(optionalStringField(body, "channel") ?? "", mergeSettingsWizardTestSettings(activeSettingsValues(config), objectRecord(body?.settings))));
+        return;
+    }
     if (await handleDashboardSessionRoute(req, res, url, {
         runtime,
         authUser,
@@ -464,6 +486,13 @@ function scopedControlOptions(authUser, options) {
         workspaces: options.workspaces.filter((workspace) => users.canUseWorkspace(authUser, workspace)),
     };
 }
+function scopedAdapterConformance(authUser) {
+    const matrix = buildAdapterConformanceMatrix();
+    return {
+        ...matrix,
+        agents: matrix.agents.filter((adapter) => users.canUseAgent(authUser, adapter.id)),
+    };
+}
 function scopedSessionPage(authUser, page) {
     return {
         ...page,
@@ -494,6 +523,8 @@ async function scopeRelayEvent(authUser, event, canUseCurrentSession = () => can
             return canUseSession(authUser, event.session) ? event : null;
         case "activity_update":
             return { ...event, events: filterActivityByScope(authUser, event.events) };
+        case "active_sessions_update":
+            return { ...event, active: scopedActiveSessions(authUser, event.active) };
         case "agent_update":
             return users.canUseAgent(authUser, event.job.agentId) ? event : null;
         case "status":
@@ -640,6 +671,21 @@ function activeSettingsValues(current) {
         DISCORD_NOTIFY_MODE: current.discordNotifyMode === current.notifyMode ? "" : current.discordNotifyMode,
         DISCORD_QUIET_HOURS: quietOverrideValue(current.discordQuietHours, current.quietHours),
         DISCORD_AUTO_SEND_ARTIFACTS: current.discordAutoSendArtifacts === current.autoSendArtifacts ? "" : boolValue(current.discordAutoSendArtifacts),
+        SLACK_ENABLED: boolValue(current.slackEnabled),
+        SLACK_BOT_TOKEN: current.slackBotToken,
+        SLACK_APP_TOKEN: current.slackAppToken,
+        SLACK_SIGNING_SECRET: current.slackSigningSecret,
+        SLACK_SOCKET_MODE: boolValue(current.slackSocketMode),
+        SLACK_PORT: String(current.slackPort),
+        SLACK_ALLOWED_TEAM_IDS: current.slackAllowedTeamIds.join(","),
+        SLACK_ALLOWED_CHANNEL_IDS: current.slackAllowedChannelIds.join(","),
+        SLACK_MESSAGE_CONTENT_ENABLED: boolValue(current.slackMessageContentEnabled),
+        SLACK_COMMAND: current.slackCommand,
+        SLACK_CLI_MIRROR_MODE: current.slackMirrorMode === current.mirrorMode ? "" : current.slackMirrorMode,
+        SLACK_CLI_MIRROR_MIN_UPDATE_MS: current.slackMirrorMinUpdateMs === current.mirrorMinUpdateMs ? "" : String(current.slackMirrorMinUpdateMs),
+        SLACK_NOTIFY_MODE: current.slackNotifyMode === current.notifyMode ? "" : current.slackNotifyMode,
+        SLACK_QUIET_HOURS: quietOverrideValue(current.slackQuietHours, current.quietHours),
+        SLACK_AUTO_SEND_ARTIFACTS: current.slackAutoSendArtifacts === current.autoSendArtifacts ? "" : boolValue(current.slackAutoSendArtifacts),
         NORDRELAY_CODEX_ENABLED: boolValue(current.codexEnabled),
         NORDRELAY_PI_ENABLED: boolValue(current.piEnabled),
         NORDRELAY_HERMES_ENABLED: boolValue(current.hermesEnabled),

package/dist/web-state.js

@@ -123,7 +123,7 @@ function isWebChatMessage(value) {
         typeof candidate.text === "string" &&
         typeof candidate.timestamp === "string" &&
         ["user", "agent", "system", "tool"].includes(candidate.role) &&
-        ["web", "telegram", "discord", "cli"].includes(candidate.source);
+        ["web", "telegram", "discord", "slack", "cli"].includes(candidate.source);
 }
 function isWebActivityEvent(value) {
     if (!value || typeof value !== "object" || Array.isArray(value)) {
@@ -133,7 +133,7 @@ function isWebActivityEvent(value) {
     return typeof candidate.id === "string" &&
         typeof candidate.timestamp === "string" &&
         typeof candidate.type === "string" &&
-        ["web", "telegram", "discord", "cli"].includes(candidate.source) &&
+        ["web", "telegram", "discord", "slack", "cli"].includes(candidate.source) &&
         ["queued", "running", "completed", "failed", "aborted", "info"].includes(candidate.status);
 }
 function normalizeSince(value) {