@oscharko-dev/keiko 0.1.0-beta.0

package/dist/tools/types.js

@@ -0,0 +1,103 @@
+// All tool-layer interfaces and the frozen default tables (env allowlist, command rules,
+// sandbox policy, limits, host config). No runtime logic lives here beyond the frozen
+// constant tables the type layer exposes as values, mirroring the ADR-0003/0004/0005
+// `types.ts` precedent. `readonly` everywhere; optional props are `| undefined` because
+// exactOptionalPropertyTypes is on. Imports end `.js`, double quotes, `type` keyword.
+// Cross-platform name allowlist. Only names that are PRESENT in the parent are copied, so an
+// absent Windows var on POSIX (or vice versa) is simply skipped.
+//
+// HOME and USERPROFILE are deliberately ABSENT (C5). Forwarding the developer's real home would let
+// a subprocess read ~/.npmrc (npm tokens), ~/.git-credentials, and ~/.aws/… by standard home-dir
+// lookup. runCommand instead injects an ephemeral, EMPTY per-run dir as HOME/USERPROFILE so those
+// lookups resolve to nothing (ADR-0006 D2 Dimension 1).
+export const DEFAULT_ENV_ALLOWLIST = Object.freeze([
+    "PATH",
+    "LANG",
+    "LC_ALL",
+    "LC_CTYPE",
+    "TZ",
+    "TERM",
+    "TMPDIR",
+    // Windows essentials so spawned tools resolve the shell-less executable correctly.
+    "SystemRoot",
+    "SystemDrive",
+    "PATHEXT",
+    "COMSPEC",
+    "NUMBER_OF_PROCESSORS",
+    "WINDIR",
+]);
+export const DEFAULT_SANDBOX_POLICY = {
+    envAllowlist: DEFAULT_ENV_ALLOWLIST,
+    network: "inherit",
+    maxOutputBytes: 262_144,
+    defaultTimeoutMs: 30_000,
+    terminationGraceMs: 2_000,
+};
+// Minimal, justified default rules. Everything not listed is denied (deny-by-default).
+export const DEFAULT_COMMAND_RULES = Object.freeze([
+    {
+        executable: "npm",
+        // Read-only npm only. Mutating/package-installing subcommands are excluded by omission.
+        allowedSubcommands: Object.freeze([
+            "audit",
+            "ls",
+            "list",
+            "outdated",
+            "view",
+            "info",
+            "help",
+            "ping",
+        ]),
+        // `-c`/`--call` execute a command string in a shell; deny outright (S-H2).
+        denyFlags: Object.freeze(["-c", "--call"]),
+    },
+    {
+        executable: "git",
+        // READ-ONLY git only; push/reset/checkout/commit/merge/rebase/clean/config/remote denied.
+        allowedSubcommands: Object.freeze([
+            "status",
+            "diff",
+            "log",
+            "show",
+            "rev-parse",
+            "ls-files",
+            "describe",
+            "blame",
+            "cat-file",
+        ]),
+        // Global value flags that precede the subcommand (`git -C DIR <sub>`). Skipping them prevents
+        // the value (DIR) from being read as the subcommand (S-H2).
+        valueFlags: Object.freeze([
+            "-C",
+            "-c",
+            "--git-dir",
+            "--work-tree",
+            "--namespace",
+            "--exec-path",
+        ]),
+    },
+]);
+export const DEFAULT_PATCH_LIMITS = {
+    maxPatchBytes: 65_536,
+    maxChangedLines: 2_000,
+    maxFilesChanged: 50,
+};
+export const DEFAULT_TOOL_HOST_CONFIG = {
+    sandbox: DEFAULT_SANDBOX_POLICY,
+    commandRules: DEFAULT_COMMAND_RULES,
+    patchLimits: DEFAULT_PATCH_LIMITS,
+    applyEnabled: false,
+    maxReadBytes: 262_144,
+};
+// Deep-merges a caller override over the defaults: the nested sandbox/patchLimits objects merge
+// field-by-field so a partial override never drops an unspecified default (S-M2).
+export function resolveToolHostConfig(input) {
+    const base = DEFAULT_TOOL_HOST_CONFIG;
+    return {
+        sandbox: { ...base.sandbox, ...input?.sandbox },
+        commandRules: input?.commandRules ?? base.commandRules,
+        patchLimits: { ...base.patchLimits, ...input?.patchLimits },
+        applyEnabled: input?.applyEnabled ?? base.applyEnabled,
+        maxReadBytes: input?.maxReadBytes ?? base.maxReadBytes,
+    };
+}

package/dist/tools/writer.d.ts

@@ -0,0 +1,7 @@
+export interface WorkspaceWriter {
+    readonly writeFileUtf8: (absolutePath: string, content: string) => void;
+    readonly mkdirp: (absoluteDir: string) => void;
+    readonly remove: (absolutePath: string) => void;
+    readonly rename: (fromAbsolute: string, toAbsolute: string) => void;
+}
+export declare const nodeWorkspaceWriter: WorkspaceWriter;

package/dist/tools/writer.js

@@ -0,0 +1,20 @@
+// The single controlled filesystem-WRITE boundary (ADR-0006 D2). WorkspaceFs stays read-only
+// (ADR-0005); all mutation goes through this port so the apply phase is auditable and testable
+// with an in-memory fake. Callers (patch.ts) MUST pre-validate every absolute path via
+// resolveWithinWorkspace + isDenied before handing it here; this adapter does no validation
+// itself — it is the effectful edge, kept deliberately thin. Synchronous, mirroring nodeWorkspaceFs.
+import { mkdirSync, renameSync, rmSync, writeFileSync } from "node:fs";
+export const nodeWorkspaceWriter = {
+    writeFileUtf8: (absolutePath, content) => {
+        writeFileSync(absolutePath, content, "utf8");
+    },
+    mkdirp: (absoluteDir) => {
+        mkdirSync(absoluteDir, { recursive: true });
+    },
+    remove: (absolutePath) => {
+        rmSync(absolutePath, { force: true });
+    },
+    rename: (fromAbsolute, toAbsolute) => {
+        renameSync(fromAbsolute, toAbsolute);
+    },
+};

package/dist/ui/browser.d.ts

@@ -0,0 +1,10 @@
+import type { UiHandlerDeps } from "./deps.js";
+import { type HandlerOutcome, type RouteContext, type RouteResult } from "./routes.js";
+export declare function handleBrowserStatus(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleCreateBrowserSession(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleDeleteBrowserSession(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleBrowserNavigate(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleBrowserScreenshot(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleBrowserApplyScreenshot(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleBrowserContent(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleBrowserEvents(ctx: RouteContext, deps: UiHandlerDeps): HandlerOutcome;

package/dist/ui/browser.js

@@ -0,0 +1,231 @@
+// ADR-0017 D8 — eight /api/browser/* BFF route handlers. CSRF guarding is enforced by the
+// server.ts state-changing-request gate (POST/DELETE all flow through it). GET status + GET
+// events are exempt by the same gate. SSE framing reuses the existing sse.ts helpers.
+import { BrowserToolError, } from "../tools/browser/index.js";
+import { SSE_HEADERS, readyMessage } from "./sse.js";
+import { errorBody, STREAMING, } from "./routes.js";
+const MAX_BROWSER_BODY_BYTES = 64_000;
+class BodyTooLargeError extends Error {
+    constructor() {
+        super("browser request body too large");
+        this.name = "BodyTooLargeError";
+    }
+}
+function noBrowserDeps() {
+    return {
+        status: 503,
+        body: errorBody("BROWSER_UNAVAILABLE", "Browser tool is not configured for this BFF."),
+    };
+}
+function requireBrowser(deps) {
+    return deps.browser ?? noBrowserDeps();
+}
+function isRouteResult(value) {
+    return typeof value.status === "number";
+}
+function toRouteResult(error) {
+    return { status: error.status, body: errorBody(error.code, error.message) };
+}
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        const chunks = [];
+        let total = 0;
+        let capped = false;
+        req.on("data", (chunk) => {
+            total += chunk.length;
+            if (total > MAX_BROWSER_BODY_BYTES) {
+                if (!capped) {
+                    capped = true;
+                    chunks.length = 0;
+                    reject(new BodyTooLargeError());
+                    req.resume();
+                }
+                return;
+            }
+            chunks.push(chunk);
+        });
+        req.on("end", () => {
+            if (!capped)
+                resolve(Buffer.concat(chunks).toString("utf8"));
+        });
+        req.on("error", reject);
+    });
+}
+async function readJsonObject(req) {
+    const raw = await readBody(req);
+    if (raw.length === 0)
+        return {};
+    let parsed;
+    try {
+        parsed = JSON.parse(raw);
+    }
+    catch {
+        throw new BrowserToolError("BAD_REQUEST", "Request body is not valid JSON.");
+    }
+    if (typeof parsed !== "object" || parsed === null || Array.isArray(parsed)) {
+        throw new BrowserToolError("BAD_REQUEST", "Request body must be a JSON object.");
+    }
+    return parsed;
+}
+function requireString(body, key) {
+    const value = body[key];
+    if (typeof value !== "string" || value.length === 0) {
+        throw new BrowserToolError("BAD_REQUEST", `Field "${key}" must be a non-empty string.`);
+    }
+    return value;
+}
+function requireNumber(body, key) {
+    const value = body[key];
+    if (typeof value !== "number" || !Number.isFinite(value)) {
+        throw new BrowserToolError("BAD_REQUEST", `Field "${key}" must be a finite number.`);
+    }
+    return value;
+}
+async function runHandler(work) {
+    try {
+        return await work();
+    }
+    catch (error) {
+        if (error instanceof BodyTooLargeError) {
+            return {
+                status: 413,
+                body: errorBody("PAYLOAD_TOO_LARGE", "Request body exceeds the size limit."),
+            };
+        }
+        if (error instanceof BrowserToolError)
+            return toRouteResult(error);
+        throw error;
+    }
+}
+export async function handleBrowserStatus(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        const portParam = ctx.url.searchParams.get("port");
+        if (portParam === null) {
+            throw new BrowserToolError("BAD_REQUEST", "Query parameter 'port' is required.");
+        }
+        const port = Number.parseInt(portParam, 10);
+        if (!Number.isFinite(port)) {
+            throw new BrowserToolError("BAD_REQUEST", "Query parameter 'port' must be an integer.");
+        }
+        const status = await guard.checkStatus(port);
+        return { status: 200, body: status };
+    });
+}
+export async function handleCreateBrowserSession(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        const body = await readJsonObject(ctx.req);
+        const port = requireNumber(body, "port");
+        const meta = await guard.openSession(port);
+        return { status: 201, body: meta };
+    });
+}
+export async function handleDeleteBrowserSession(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        const sessionId = ctx.params.sessionId ?? "";
+        await guard.closeSession(sessionId);
+        return { status: 200, body: { ok: true } };
+    });
+}
+export async function handleBrowserNavigate(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        const body = await readJsonObject(ctx.req);
+        const url = requireString(body, "url");
+        const sessionId = ctx.params.sessionId ?? "";
+        const result = await guard.navigate(sessionId, url);
+        return { status: 200, body: result };
+    });
+}
+export async function handleBrowserScreenshot(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        // Drain the body through readJsonObject so the 64 KB cap (MAX_BROWSER_BODY_BYTES) is
+        // enforced even though this handler expects no fields. Raw node:http has no global cap.
+        await readJsonObject(ctx.req);
+        const sessionId = ctx.params.sessionId ?? "";
+        const result = await guard.screenshot(sessionId);
+        return { status: 200, body: result };
+    });
+}
+export async function handleBrowserApplyScreenshot(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        const body = await readJsonObject(ctx.req);
+        const captureSeq = requireNumber(body, "captureSeq");
+        const sessionId = ctx.params.sessionId ?? "";
+        const result = await guard.applyScreenshot(sessionId, captureSeq);
+        return { status: 200, body: result };
+    });
+}
+export async function handleBrowserContent(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    return runHandler(async () => {
+        // Drain the body through readJsonObject so the 64 KB cap (MAX_BROWSER_BODY_BYTES) is
+        // enforced even though this handler expects no fields. Raw node:http has no global cap.
+        await readJsonObject(ctx.req);
+        const sessionId = ctx.params.sessionId ?? "";
+        const result = await guard.content(sessionId);
+        return { status: 200, body: result };
+    });
+}
+// SSE — re-uses the existing framer shape. Each browser event becomes one SSE message with
+// event: <kind> and data: <JSON>. A 'ready' synthetic is sent first so clients can transition
+// from connecting to live.
+export function handleBrowserEvents(ctx, deps) {
+    const guard = requireBrowser(deps);
+    if (isRouteResult(guard))
+        return guard;
+    const sessionId = ctx.params.sessionId ?? "";
+    if (sessionId.length === 0) {
+        return { status: 400, body: errorBody("BAD_REQUEST", "sessionId is required.") };
+    }
+    if (!guard.hasSession(sessionId)) {
+        return { status: 404, body: errorBody("SESSION_NOT_FOUND", "Browser session not found.") };
+    }
+    openBrowserSseStream(ctx.res, guard, sessionId, deps.redactor);
+    ctx.req.on("close", () => {
+        ctx.res.end();
+    });
+    return STREAMING;
+}
+function openBrowserSseStream(res, manager, sessionId, redactor) {
+    res.writeHead(200, SSE_HEADERS);
+    let seq = 0;
+    const unsubscribe = manager.subscribe(sessionId, (event) => {
+        seq += 1;
+        writeBrowserEvent(res, event, seq, redactor);
+        if (event.kind === "session-closed") {
+            unsubscribe();
+            res.end();
+        }
+    });
+    res.write(readyMessage());
+    res.on("close", () => {
+        unsubscribe();
+    });
+}
+function writeBrowserEvent(res, event, seq, redactor) {
+    const redacted = redactor(event);
+    const data = JSON.stringify(redacted);
+    const frame = `id: ${String(seq)}\nevent: browser:${event.kind}\ndata: ${data}\n\n`;
+    if (!res.write(frame)) {
+        res.destroy();
+    }
+}

package/dist/ui/chat-handlers.d.ts

@@ -0,0 +1,4 @@
+import type { UiHandlerDeps } from "./deps.js";
+import type { RouteContext, RouteResult } from "./routes.js";
+export declare function handleCreateDesktopChat(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;
+export declare function handleSendDesktopChat(ctx: RouteContext, deps: UiHandlerDeps): Promise<RouteResult>;

package/dist/ui/chat-handlers.js

@@ -0,0 +1,281 @@
+// Desktop chat BFF routes for the Keiko canvas UI. These routes intentionally keep the model call
+// behind the existing ModelPort/Gateway boundary: the browser sends only chat content and a registry
+// model id, while provider endpoints and keys remain resolved from the local gateway config/.env.
+import { basename } from "node:path";
+import { GatewayError, findCapability } from "../gateway/index.js";
+import { UiStoreError, isProjectAvailable, } from "./store/index.js";
+import { validateProjectPath } from "./store/validation.js";
+import { errorBody } from "./routes.js";
+const DEFAULT_CHAT_MODEL = "gpt-oss-120b";
+const DEFAULT_CHAT_TITLE = "GPT OSS 120B";
+const MAX_BODY_BYTES = 128_000;
+const MAX_CHAT_INPUT_CHARS = 16_000;
+const MAX_CONTEXT_MESSAGES = 24;
+class BodyTooLargeError extends Error {
+    constructor() {
+        super("request body too large");
+        this.name = "BodyTooLargeError";
+    }
+}
+function isRecord(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+function readBody(req) {
+    return new Promise((resolveBody, reject) => {
+        const chunks = [];
+        let total = 0;
+        let capped = false;
+        req.on("data", (chunk) => {
+            total += chunk.length;
+            if (total > MAX_BODY_BYTES) {
+                if (!capped) {
+                    capped = true;
+                    chunks.length = 0;
+                    reject(new BodyTooLargeError());
+                    req.resume();
+                }
+                return;
+            }
+            chunks.push(chunk);
+        });
+        req.on("end", () => {
+            if (!capped) {
+                resolveBody(Buffer.concat(chunks).toString("utf8"));
+            }
+        });
+        req.on("error", reject);
+    });
+}
+async function readJsonObject(req) {
+    let raw;
+    try {
+        raw = await readBody(req);
+    }
+    catch (error) {
+        if (error instanceof BodyTooLargeError) {
+            return {
+                status: 413,
+                body: errorBody("PAYLOAD_TOO_LARGE", "Request body exceeds the size limit."),
+            };
+        }
+        throw error;
+    }
+    let parsed;
+    try {
+        parsed = raw.length === 0 ? {} : JSON.parse(raw);
+    }
+    catch {
+        return { status: 400, body: errorBody("BAD_REQUEST", "Request body is not valid JSON.") };
+    }
+    if (!isRecord(parsed)) {
+        return { status: 400, body: errorBody("BAD_REQUEST", "Request body must be a JSON object.") };
+    }
+    return parsed;
+}
+function isRouteResult(value) {
+    return isRecord(value) && typeof value.status === "number" && "body" in value;
+}
+function modelFromBody(body) {
+    const modelId = typeof body.modelId === "string" && body.modelId.length > 0
+        ? body.modelId
+        : DEFAULT_CHAT_MODEL;
+    const capability = findCapability(modelId);
+    if (capability?.kind !== "chat") {
+        return { status: 400, body: errorBody("BAD_REQUEST", "modelId must be a chat model registry id.") };
+    }
+    return modelId;
+}
+function pickProjectPath(body, deps) {
+    const supplied = typeof body.projectPath === "string" && body.projectPath.length > 0
+        ? body.projectPath
+        : undefined;
+    if (supplied !== undefined) {
+        return validateProjectPath(supplied, { mustExist: true });
+    }
+    const available = deps.store
+        .listProjects()
+        .find((project) => isProjectAvailable(project));
+    if (available !== undefined) {
+        return available.path;
+    }
+    return validateProjectPath(process.cwd(), { mustExist: true });
+}
+function ensureProject(deps, path) {
+    const existing = deps.store.listProjects().find((project) => project.path === path);
+    if (existing !== undefined) {
+        deps.store.updateProject(path, {});
+        return existing;
+    }
+    const name = basename(path) || "Local workspace";
+    return deps.store.createProject(path, name);
+}
+function findChat(deps, projectPath, chatId) {
+    return deps.store.listChats(projectPath).find((chat) => chat.id === chatId);
+}
+function chatEnvelope(deps, project, chat) {
+    const projects = deps.store.listProjects().map((item) => ({
+        ...item,
+        available: isProjectAvailable(item),
+    }));
+    const chats = deps.store.listChats(project.path);
+    const messages = deps.store.listMessages(chat.id);
+    return {
+        project: { ...project, available: isProjectAvailable(project) },
+        chat,
+        messages,
+        projects,
+        chats,
+    };
+}
+function gatewayErrorResult(error) {
+    const status = error.code === "GATEWAY_AUTHENTICATION" ? 401 : error.retryable ? 503 : 502;
+    return { status, body: errorBody(error.code, error.message) };
+}
+function desktopChatErrorResult(error) {
+    if (error instanceof GatewayError) {
+        return gatewayErrorResult(error);
+    }
+    if (error instanceof UiStoreError) {
+        return { status: error.status, body: errorBody(error.code, error.message) };
+    }
+    throw error;
+}
+function messageForGateway(message) {
+    if (message.role !== "user" && message.role !== "assistant") {
+        return null;
+    }
+    return { role: message.role, content: message.content };
+}
+function conversationForGateway(messages) {
+    const usable = messages
+        .map(messageForGateway)
+        .filter((message) => message !== null)
+        .slice(-MAX_CONTEXT_MESSAGES);
+    return [
+        {
+            role: "system",
+            content: "You are Keiko, an enterprise developer-assist AI. Be concise, practical, and explicit about uncertainty. Do not claim tool access you do not have in this chat.",
+        },
+        ...usable,
+    ];
+}
+function sendRequestFromBody(body) {
+    const chatId = typeof body.chatId === "string" ? body.chatId : "";
+    const projectPath = typeof body.projectPath === "string" ? body.projectPath : "";
+    const content = typeof body.content === "string" ? body.content.trim() : "";
+    if (chatId.length === 0 || projectPath.length === 0) {
+        return { status: 400, body: errorBody("BAD_REQUEST", "chatId and projectPath are required.") };
+    }
+    if (content.length === 0 || content.length > MAX_CHAT_INPUT_CHARS) {
+        return { status: 400, body: errorBody("BAD_REQUEST", "content must be between 1 and 16000 characters.") };
+    }
+    return {
+        chatId,
+        projectPath,
+        content,
+        modelId: typeof body.modelId === "string" && body.modelId.length > 0 ? body.modelId : undefined,
+    };
+}
+function invalidChatModelResult(modelId) {
+    const capability = findCapability(modelId);
+    if (capability?.kind === "chat") {
+        return undefined;
+    }
+    return { status: 400, body: errorBody("BAD_REQUEST", "modelId must be a chat model registry id.") };
+}
+function createUserMessage(deps, request) {
+    return deps.store.createMessage({
+        chatId: request.chatId,
+        role: "user",
+        content: request.content,
+        timestamp: Date.now(),
+        runId: undefined,
+        workflowId: undefined,
+        workflowStatus: undefined,
+        shortResult: undefined,
+        taskType: undefined,
+    });
+}
+function createAssistantMessage(deps, request, content) {
+    return deps.store.createMessage({
+        chatId: request.chatId,
+        role: "assistant",
+        content: content.length > 0 ? content : "The model returned an empty response.",
+        timestamp: Date.now(),
+        runId: undefined,
+        workflowId: undefined,
+        workflowStatus: undefined,
+        shortResult: undefined,
+        taskType: undefined,
+    });
+}
+async function persistModelChatTurn(deps, request, chat, modelId) {
+    const model = deps.modelPortFactory(modelId);
+    if (model === undefined) {
+        return { status: 400, body: errorBody("NO_MODEL", "No model provider is configured.") };
+    }
+    try {
+        const userMessage = createUserMessage(deps, request);
+        const response = await model.call({
+            modelId,
+            messages: conversationForGateway(deps.store.listMessages(request.chatId)),
+            stream: false,
+        }, new AbortController().signal);
+        const assistantMessage = createAssistantMessage(deps, request, response.content);
+        const chatPatch = chat.title === DEFAULT_CHAT_TITLE
+            ? { selectedModel: modelId, title: request.content.slice(0, 60) }
+            : { selectedModel: modelId };
+        return {
+            status: 200,
+            body: {
+                chat: deps.store.updateChat(request.chatId, chatPatch),
+                messages: [userMessage, assistantMessage],
+                usage: response.usage,
+            },
+        };
+    }
+    catch (error) {
+        return desktopChatErrorResult(error);
+    }
+}
+export async function handleCreateDesktopChat(ctx, deps) {
+    const body = await readJsonObject(ctx.req);
+    if (isRouteResult(body))
+        return body;
+    const modelId = modelFromBody(body);
+    if (isRouteResult(modelId))
+        return modelId;
+    try {
+        const projectPath = pickProjectPath(body, deps);
+        const project = ensureProject(deps, projectPath);
+        const title = typeof body.title === "string" && body.title.trim().length > 0
+            ? body.title.trim()
+            : DEFAULT_CHAT_TITLE;
+        const chat = deps.store.createChat(project.path, title, modelId);
+        return { status: 201, body: chatEnvelope(deps, project, chat) };
+    }
+    catch (error) {
+        if (error instanceof UiStoreError) {
+            return { status: error.status, body: errorBody(error.code, error.message) };
+        }
+        throw error;
+    }
+}
+export async function handleSendDesktopChat(ctx, deps) {
+    const body = await readJsonObject(ctx.req);
+    if (isRouteResult(body))
+        return body;
+    const request = sendRequestFromBody(body);
+    if (isRouteResult(request))
+        return request;
+    const normalizedProjectPath = validateProjectPath(request.projectPath, { mustExist: false });
+    const chat = findChat(deps, normalizedProjectPath, request.chatId);
+    if (chat === undefined) {
+        return { status: 404, body: errorBody("NOT_FOUND", "Chat not found.") };
+    }
+    const modelId = request.modelId ?? chat.selectedModel;
+    const invalidModel = invalidChatModelResult(modelId);
+    if (invalidModel !== undefined)
+        return invalidModel;
+    return persistModelChatTurn(deps, request, chat, modelId);
+}

package/dist/ui/csp-hashes.json

@@ -0,0 +1,17 @@
+[
+  "'sha256-FhLHRUQz4c4ntLU9VkfEesX7PnzNLENSe/16Hi523Kk='",
+  "'sha256-NMmsYxPlvKu6BMNDUuiUA/0HWXXhODWSkUJ3CrerHAI='",
+  "'sha256-OBTN3RiyCV4Bq7dFqZ5a2pAXjnCcCYeTJMO2I/LYKeo='",
+  "'sha256-OogwkdfeAY//FSbFGNeTewmi/U11IUHAkAgKNEwJCG0='",
+  "'sha256-U9W+ZoRW19rf6ohEfUh2oSN8UmJ8mZjCoxp31AbEGYM='",
+  "'sha256-bDep1P+WNj2FZ2j0g3tUvt5ISNYG1nCzFE65Y9sE1c8='",
+  "'sha256-bg+CWjI8RppcgHYH6RuW4z4OnLAUEUPDXRoYUo9Tyok='",
+  "'sha256-iqYTUJ5u/EtWNaG9+D7Y0DM2wPtGyVS2aRVXbTOsfag='",
+  "'sha256-oJekvGO4J2NYcfsZB+NVPai5HyR1UVOFcmKB3PORB8M='",
+  "'sha256-pQjgKfZ7Pcb9s5HrqqpJnRrMazbJ0Nhk6e1aFQNuFsU='",
+  "'sha256-q3VO3K+1hbob0r8DheOST7SIt4DQWr76alv4VzyZ44s='",
+  "'sha256-qBQ7RdQKJEJuW7Fj1MbGjDbF6lnRdfu+KV0V4A5MTRg='",
+  "'sha256-qjuzziE6xLU3Cras89VlShlRYHgYZuOxceXUDmuvClo='",
+  "'sha256-xLP5QIbvR88RAxDKoSWqs6CVxNIRu17hhr7S/Q6hlU0='",
+  "'sha256-xz80fPjhAczg/tByXnm3xfZrdAUWODPmQtD4solyj1c='"
+]

package/dist/ui/csp.d.ts

@@ -0,0 +1,2 @@
+export declare function extractInlineScriptHashes(htmlDocuments: readonly string[]): readonly string[];
+export declare function buildCspHeader(scriptHashes: readonly string[]): string;