@pellux/goodvibes-daemon-sdk 0.30.3 → 0.33.0

package/dist/system-routes.js

@@ -1,5 +1,40 @@
+import { createRouteBodySchema, createRouteBodySchemaRegistry, readBoundedBodyInteger, readOptionalStringField, } from './route-helpers.js';
 import { jsonErrorResponse } from './error-response.js';
-export function createDaemonSystemRouteHandlers(context, request) {
+import { withAdmin } from './auth-helpers.js';
+const WATCHER_KIND_VALUES = ['filesystem', 'webhook', 'socket', 'integration', 'polling'];
+const WATCHER_SOURCE_KIND_MAP = {
+    webhook: 'webhook',
+    file: 'filesystem',
+    stream: 'socket',
+    api: 'integration',
+};
+const WATCHER_SOURCE_RECORD_KIND_MAP = {
+    webhook: 'webhook',
+    file: 'hook',
+    stream: 'hook',
+    api: 'hook',
+};
+const DEFAULT_WATCHER_INTERVAL_MS = 60_000;
+const MIN_WATCHER_INTERVAL_MS = 1_000;
+const MAX_WATCHER_INTERVAL_MS = 86_400_000;
+const systemBodySchemas = createRouteBodySchemaRegistry({
+    routeBindingCreate: createRouteBodySchema('POST /api/system/route-bindings', (body) => {
+        const surfaceKind = readOptionalStringField(body, 'surfaceKind');
+        const kind = readOptionalStringField(body, 'kind');
+        const surfaceId = readOptionalStringField(body, 'surfaceId');
+        const externalId = readOptionalStringField(body, 'externalId');
+        if (!surfaceKind || !kind || !surfaceId || !externalId) {
+            return jsonErrorResponse({ error: 'Missing required route binding fields' }, { status: 400 });
+        }
+        return {
+            surfaceKind: surfaceKind,
+            kind: kind,
+            surfaceId,
+            externalId,
+        };
+    }),
+});
+export function createDaemonSystemRouteHandlers(context) {
     return {
         getWatchers: () => Response.json({ watchers: context.watcherRegistry.list() }),
         postWatcher: (req) => {
@@ -14,20 +49,20 @@ export function createDaemonSystemRouteHandlers(context, request) {
                 return admin;
             return handleUpdateWatcher(context, watcherId, req);
         },
-        watcherAction: (watcherId, action) => {
-            const admin = context.requireAdmin(request);
+        watcherAction: (watcherId, action, req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
-            return handleWatcherAction(context, watcherId, action);
+            return handleWatcherAction(context, watcherId, action, req);
         },
-        deleteWatcher: (watcherId) => {
-            const admin = context.requireAdmin(request);
+        deleteWatcher: (watcherId, req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             const removed = context.watcherRegistry.removeWatcher(watcherId);
             return removed
                 ? Response.json({ removed: true, id: watcherId })
-                : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+                : jsonErrorResponse({ error: 'Unknown watcher' }, { status: 404 });
         },
         getServiceStatus: () => Response.json({
             ...context.platformServiceManager.status(),
@@ -37,37 +72,42 @@ export function createDaemonSystemRouteHandlers(context, request) {
                 outbound: context.inspectOutboundTls(),
             },
         }),
-        installService: () => {
-            const admin = context.requireAdmin(request);
+        installService: (req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             return Response.json(context.platformServiceManager.install());
         },
-        startService: () => {
-            const admin = context.requireAdmin(request);
+        startService: (req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             return Response.json(context.platformServiceManager.start());
         },
-        stopService: () => {
-            const admin = context.requireAdmin(request);
+        stopService: (req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             return Response.json(context.platformServiceManager.stop());
         },
-        restartService: () => {
-            const admin = context.requireAdmin(request);
+        restartService: (req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             return Response.json(context.platformServiceManager.restart());
         },
-        uninstallService: () => {
-            const admin = context.requireAdmin(request);
+        uninstallService: (req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             return Response.json(context.platformServiceManager.uninstall());
         },
-        getRouteBindings: () => Response.json({ bindings: context.routeBindings.listBindings() }),
+        getRouteBindings: (req) => {
+            const admin = context.requireAdmin(req);
+            if (admin)
+                return admin;
+            return Response.json({ bindings: context.routeBindings.listBindings() });
+        },
         postRouteBinding: async (req) => {
             const admin = context.requireAdmin(req);
             if (admin)
@@ -75,19 +115,15 @@ export function createDaemonSystemRouteHandlers(context, request) {
             const body = await context.parseJsonBody(req);
             if (body instanceof Response)
                 return body;
-            const surfaceKind = typeof body.surfaceKind === 'string' ? body.surfaceKind : '';
-            const kind = typeof body.kind === 'string' ? body.kind : '';
-            const surfaceId = typeof body.surfaceId === 'string' ? body.surfaceId : '';
-            const externalId = typeof body.externalId === 'string' ? body.externalId : '';
-            if (!surfaceKind || !kind || !surfaceId || !externalId) {
-                return Response.json({ error: 'Missing required route binding fields' }, { status: 400 });
-            }
+            const input = systemBodySchemas.routeBindingCreate.parse(body);
+            if (input instanceof Response)
+                return input;
             const binding = await context.routeBindings.upsertBinding({
                 id: typeof body.id === 'string' ? body.id : undefined,
-                kind: kind,
-                surfaceKind: surfaceKind,
-                surfaceId,
-                externalId,
+                kind: input.kind,
+                surfaceKind: input.surfaceKind,
+                surfaceId: input.surfaceId,
+                externalId: input.externalId,
                 sessionPolicy: typeof body.sessionPolicy === 'string' ? body.sessionPolicy : undefined,
                 threadPolicy: typeof body.threadPolicy === 'string' ? body.threadPolicy : undefined,
                 deliveryGuarantee: typeof body.deliveryGuarantee === 'string' ? body.deliveryGuarantee : undefined,
@@ -122,26 +158,26 @@ export function createDaemonSystemRouteHandlers(context, request) {
             });
             return updated
                 ? Response.json(updated)
-                : Response.json({ error: 'Unknown route binding' }, { status: 404 });
+                : jsonErrorResponse({ error: 'Unknown route binding' }, { status: 404 });
         },
-        deleteRouteBinding: async (bindingId) => {
-            const admin = context.requireAdmin(request);
+        deleteRouteBinding: async (bindingId, req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             const removed = await context.routeBindings.removeBinding(bindingId);
             return removed
                 ? Response.json({ removed: true, id: bindingId })
-                : Response.json({ error: 'Unknown route binding' }, { status: 404 });
+                : jsonErrorResponse({ error: 'Unknown route binding' }, { status: 404 });
         },
         getApprovals: () => {
             if (!context.integrationHelpers) {
-                return Response.json({ error: 'Integration helper service unavailable' }, { status: 503 });
+                return jsonErrorResponse({ error: 'Integration helper service unavailable' }, { status: 503 });
             }
             return Response.json(context.integrationHelpers.getApprovalSnapshot());
         },
         approvalAction: (approvalId, action, req) => handleApprovalAction(context, approvalId, action, req),
-        getConfig: () => {
-            const admin = context.requireAdmin(request);
+        getConfig: (req) => {
+            const admin = context.requireAdmin(req);
             if (admin)
                 return admin;
             return Response.json(context.configManager.getAll());
@@ -155,28 +191,13 @@ export function createDaemonSystemRouteHandlers(context, request) {
                 return payload;
             const { key, value } = payload;
             if (!key || typeof key !== 'string') {
-                return Response.json({ error: 'Missing or invalid key' }, { status: 400 });
+                return jsonErrorResponse({ error: 'Missing or invalid key' }, { status: 400 });
             }
-            // Special-case: runtime.workingDir is handled by the workspace swap manager.
             if (key === 'runtime.workingDir') {
-                if (!context.swapManager) {
-                    return Response.json({ error: 'Workspace swapping is not available in this daemon configuration.' }, { status: 400 });
-                }
-                if (typeof value !== 'string' || !value.trim()) {
-                    return Response.json({ error: 'runtime.workingDir value must be a non-empty string path.', code: 'INVALID_PATH' }, { status: 400 });
-                }
-                const result = await context.swapManager.requestSwap(value);
-                if (result.ok) {
-                    return Response.json({ success: true, key, value: result.current, previous: result.previous });
-                }
-                if (result.code === 'WORKSPACE_BUSY') {
-                    return Response.json({ error: result.reason, code: 'WORKSPACE_BUSY', retryAfter: result.retryAfter }, { status: 409 });
-                }
-                // INVALID_PATH
-                return Response.json({ error: result.reason, code: 'INVALID_PATH' }, { status: 400 });
+                return handleWorkingDirectoryConfig(context, key, value);
             }
             if (!context.isValidConfigKey(key)) {
-                return Response.json({ error: 'Invalid config key' }, { status: 400 });
+                return jsonErrorResponse({ error: 'Invalid config key' }, { status: 400 });
             }
             try {
                 context.configManager.setDynamic(key, value);
@@ -196,24 +217,16 @@ async function handleRegisterWatcher(context, req) {
     const id = typeof body.id === 'string' && body.id.trim().length > 0
         ? body.id.trim()
         : label
-            ? `watcher-${label.toLowerCase().replace(/[^a-z0-9]+/g, '-').replace(/(^-|-$)/g, '')}`
+            ? (() => {
+                const slug = label.toLowerCase().replace(/[^a-z0-9]+/g, '-').replace(/(^-|-$)/g, '');
+                // If the label consists entirely of special chars the slug will be empty.
+                return slug ? `watcher-${slug}` : `watcher-${Date.now()}`;
+            })()
             : `watcher-${Date.now()}`;
-    const kind = typeof body.kind === 'string'
-        ? body.kind
-        : typeof body.sourceKind === 'string'
-            ? body.sourceKind === 'webhook'
-                ? 'webhook'
-                : body.sourceKind === 'file'
-                    ? 'filesystem'
-                    : body.sourceKind === 'stream'
-                        ? 'socket'
-                        : body.sourceKind === 'api'
-                            ? 'integration'
-                            : 'polling'
-            : 'polling';
-    const intervalMs = Number(body.intervalMs ?? context.configManager.get('watchers.pollIntervalMs') ?? 60_000);
+    const kind = readWatcherKind(body.kind, body.sourceKind, 'polling');
+    const intervalMs = readWatcherIntervalMs(body.intervalMs, context.configManager.get('watchers.pollIntervalMs'));
     if (!label) {
-        return Response.json({ error: 'Missing watcher label' }, { status: 400 });
+        return jsonErrorResponse({ error: 'Missing watcher label' }, { status: 400 });
     }
     const metadata = typeof body.metadata === 'object' && body.metadata !== null
         ? body.metadata
@@ -234,11 +247,7 @@ async function handleRegisterWatcher(context, req) {
         source: {
             id: typeof body.sourceId === 'string' && body.sourceId.trim() ? body.sourceId.trim() : `source:${id}`,
             kind: typeof body.sourceKind === 'string'
-                ? body.sourceKind === 'webhook'
-                    ? 'webhook'
-                    : body.sourceKind === 'file' || body.sourceKind === 'stream' || body.sourceKind === 'api'
-                        ? 'hook'
-                        : 'watcher'
+                ? WATCHER_SOURCE_RECORD_KIND_MAP[body.sourceKind] ?? 'watcher'
                 : 'watcher',
             label,
             enabled: true,
@@ -252,27 +261,52 @@ async function handleRegisterWatcher(context, req) {
     });
     return Response.json(record, { status: 201 });
 }
+async function handleWorkingDirectoryConfig(context, key, value) {
+    if (!context.swapManager) {
+        return jsonErrorResponse({ error: 'Workspace swapping is not available in this daemon configuration.' }, { status: 400 });
+    }
+    if (typeof value !== 'string' || !value.trim()) {
+        return jsonErrorResponse({ error: 'runtime.workingDir value must be a non-empty string path.', code: 'INVALID_PATH' }, { status: 400 });
+    }
+    const result = await context.swapManager.requestSwap(value);
+    if (result.ok) {
+        return Response.json({ success: true, key, value: result.current, previous: result.previous });
+    }
+    return jsonErrorResponse({
+        error: result.reason,
+        code: result.code,
+        ...(result.code === 'WORKSPACE_BUSY' ? { retryAfter: result.retryAfter } : {}),
+    }, { status: result.code === 'WORKSPACE_BUSY' ? 409 : 400 });
+}
+function readWatcherKind(kind, sourceKind, fallback) {
+    if (typeof kind === 'string' && WATCHER_KIND_VALUES.includes(kind)) {
+        return kind;
+    }
+    return typeof sourceKind === 'string'
+        ? WATCHER_SOURCE_KIND_MAP[sourceKind] ?? fallback
+        : fallback;
+}
+function readWatcherIntervalMs(value, fallbackValue) {
+    const fallback = typeof fallbackValue === 'number' && Number.isFinite(fallbackValue)
+        ? fallbackValue
+        : DEFAULT_WATCHER_INTERVAL_MS;
+    return readBoundedBodyInteger(value, fallback, MAX_WATCHER_INTERVAL_MS, MIN_WATCHER_INTERVAL_MS);
+}
 async function handleUpdateWatcher(context, watcherId, req) {
     const body = await context.parseJsonBody(req);
     if (body instanceof Response)
         return body;
     const current = context.watcherRegistry.getWatcher(watcherId);
     if (!current) {
-        return Response.json({ error: 'Unknown watcher' }, { status: 404 });
+        return jsonErrorResponse({ error: 'Unknown watcher' }, { status: 404 });
     }
     const nextSourceKind = typeof body.sourceKind === 'string'
-        ? body.sourceKind === 'webhook'
-            ? 'webhook'
-            : body.sourceKind === 'file' || body.sourceKind === 'stream' || body.sourceKind === 'api'
-                ? 'hook'
-                : 'watcher'
+        ? WATCHER_SOURCE_RECORD_KIND_MAP[body.sourceKind] ?? 'watcher'
         : current.source.kind;
     const updated = context.watcherRegistry.registerWatcher({
         id: watcherId,
         label: typeof body.label === 'string' ? body.label : current.label,
-        kind: typeof body.kind === 'string'
-            ? body.kind
-            : current.kind,
+        kind: readWatcherKind(body.kind, undefined, current.kind),
         source: {
             ...current.source,
             ...(typeof body.source === 'object' && body.source !== null ? body.source : {}),
@@ -292,28 +326,28 @@ async function handleUpdateWatcher(context, watcherId, req) {
             },
             updatedAt: Date.now(),
         },
-        intervalMs: typeof body.intervalMs === 'number' ? body.intervalMs : (current.intervalMs ?? 60_000),
+        intervalMs: body.intervalMs !== undefined ? readWatcherIntervalMs(body.intervalMs, current.intervalMs) : (current.intervalMs ?? DEFAULT_WATCHER_INTERVAL_MS),
         metadata: typeof body.metadata === 'object' && body.metadata !== null ? body.metadata : current.metadata,
     });
     return Response.json(updated);
 }
-async function handleWatcherAction(context, watcherId, action) {
+async function handleWatcherAction(context, watcherId, action, _req) {
     if (action === 'start') {
         const watcher = context.watcherRegistry.startWatcher(watcherId);
         return watcher
             ? Response.json(watcher)
-            : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+            : jsonErrorResponse({ error: 'Unknown watcher' }, { status: 404 });
     }
     if (action === 'stop') {
         const watcher = context.watcherRegistry.stopWatcher(watcherId, 'operator-stop');
         return watcher
             ? Response.json(watcher)
-            : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+            : jsonErrorResponse({ error: 'Unknown watcher' }, { status: 404 });
     }
     const watcher = await context.watcherRegistry.runWatcherNow(watcherId);
     return watcher
         ? Response.json(watcher)
-        : Response.json({ error: 'Unknown watcher' }, { status: 404 });
+        : jsonErrorResponse({ error: 'Unknown watcher' }, { status: 404 });
 }
 async function handleApprovalAction(context, approvalId, action, req) {
     const body = await context.parseOptionalJsonBody(req);
@@ -324,13 +358,13 @@ async function handleApprovalAction(context, approvalId, action, req) {
         const approval = await context.approvalBroker.claimApproval(approvalId, actor, 'web', note);
         return approval
             ? context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ approval }))
-            : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ error: 'Unknown approval' }, { status: 404 }));
+            : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, jsonErrorResponse({ error: 'Unknown approval' }, { status: 404 }));
     }
     if (action === 'cancel') {
         const approval = await context.approvalBroker.cancelApproval(approvalId, actor, 'web', note);
         return approval
             ? context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ approval }))
-            : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ error: 'Unknown approval' }, { status: 404 }));
+            : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, jsonErrorResponse({ error: 'Unknown approval' }, { status: 404 }));
     }
     const approval = await context.approvalBroker.resolveApproval(approvalId, {
         approved: action === 'approve',
@@ -341,5 +375,5 @@ async function handleApprovalAction(context, approvalId, action, req) {
     });
     return approval
         ? context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ approval }))
-        : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, Response.json({ error: 'Unknown approval' }, { status: 404 }));
+        : context.recordApiResponse(req, `/api/approvals/${approvalId}/${action}`, jsonErrorResponse({ error: 'Unknown approval' }, { status: 404 }));
 }

package/dist/tasks.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"tasks.d.ts","sourceRoot":"","sources":["../src/tasks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AAE5D,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,uBAAuB,GAChC,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAqB1B"}
+{"version":3,"file":"tasks.d.ts","sourceRoot":"","sources":["../src/tasks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AAE5D,wBAAsB,kBAAkB,CACtC,GAAG,EAAE,OAAO,EACZ,QAAQ,EAAE,uBAAuB,GAChC,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAuB1B"}

package/dist/tasks.js

@@ -4,6 +4,8 @@ export async function dispatchTaskRoutes(req, handlers) {
     const method = req.method;
     if (pathname === '/task' && method === 'POST')
         return handlers.postTask(req);
+    // GET /task is intentionally left to extension routers that expose
+    // surface-specific task status pages.
     if (pathname === '/task' && method === 'GET')
         return null;
     if (pathname === '/api/tasks' && method === 'GET')

package/dist/telemetry-routes.d.ts

@@ -4,19 +4,19 @@ import type { RuntimeEventDomain } from '@pellux/goodvibes-contracts';
 type TelemetrySeverity = 'debug' | 'info' | 'warn' | 'error';
 type TelemetryViewMode = 'safe' | 'raw';
 interface TelemetryFilter {
-    readonly limit?: number;
-    readonly since?: number;
-    readonly until?: number;
-    readonly domains?: readonly RuntimeEventDomain[];
-    readonly eventTypes?: readonly string[];
-    readonly severity?: TelemetrySeverity;
-    readonly traceId?: string;
-    readonly sessionId?: string;
-    readonly turnId?: string;
-    readonly agentId?: string;
-    readonly taskId?: string;
-    readonly cursor?: string;
-    readonly view?: TelemetryViewMode;
+    readonly limit?: number | undefined;
+    readonly since?: number | undefined;
+    readonly until?: number | undefined;
+    readonly domains?: readonly RuntimeEventDomain[] | undefined;
+    readonly eventTypes?: readonly string[] | undefined;
+    readonly severity?: TelemetrySeverity | undefined;
+    readonly traceId?: string | undefined;
+    readonly sessionId?: string | undefined;
+    readonly turnId?: string | undefined;
+    readonly agentId?: string | undefined;
+    readonly taskId?: string | undefined;
+    readonly cursor?: string | undefined;
+    readonly view?: TelemetryViewMode | undefined;
 }
 interface TelemetryApiLike {
     getSnapshot(filter: TelemetryFilter, view: TelemetryViewMode, rawAccessible: boolean): {
@@ -56,7 +56,7 @@ interface TelemetryRouteContext {
      * In production `DaemonHttpRouter` this is the `TelemetryApiService` instance
      * which stores ingested records in its bounded event buffer (default 500
      * records) and makes them observable via GET /api/v1/telemetry/events.
-     * Pass `null` only in test/stub contexts where ingestion is intentionally
+     * Pass `null` only in test fixtures where ingestion is intentionally
      * a no-op — the receivers still return 200 to keep OTLP exporters happy but
      * discard the payload.
      */

package/dist/telemetry-routes.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"telemetry-routes.d.ts","sourceRoot":"","sources":["../src/telemetry-routes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAC;AACjE,OAAO,EAAyB,KAAK,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAEtF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAItE,KAAK,iBAAiB,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAC7D,KAAK,iBAAiB,GAAG,MAAM,GAAG,KAAK,CAAC;AAExC,UAAU,eAAe;IACvB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS,kBAAkB,EAAE,CAAC;IACjD,QAAQ,CAAC,UAAU,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACxC,QAAQ,CAAC,QAAQ,CAAC,EAAE,iBAAiB,CAAC;IACtC,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,IAAI,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED,UAAU,gBAAgB;IACxB,WAAW,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG;QACrF,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;QAC7B,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC;QACjC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;QAChC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC;QACjC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;KAC9B,CAAC;IACF,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IACjG,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IACjG,YAAY,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IAChG,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,QAAQ,CAAC;IAC/G,sBAAsB,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC;IAClF,oBAAoB,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC;IAChF,uBAAuB,IAAI,OAAO,CAAC;CACpC;AAED;;;;GAIG;AACH,UAAU,mBAAmB;IAC3B,2EAA2E;IAC3E,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACnD,4EAA4E;IAC5E,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACrD,qFAAqF;IACrF,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACvD;AAED,UAAU,qBAAqB;IAC7B,QAAQ,CAAC,YAAY,EAAE,gBAAgB,GAAG,IAAI,CAAC;IAC/C,QAAQ,CAAC,6BAA6B,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,sBAAsB,GAAG,IAAI,CAAC;IACxF;;;;;;;;OAQG;IACH,QAAQ,CAAC,UAAU,EAAE,mBAAmB,GAAG,IAAI,CAAC;CACjD;AAoOD,wBAAgB,kCAAkC,CAChD,OAAO,EAAE,qBAAqB,GAC7B,4BAA4B,CA2I9B"}
+{"version":3,"file":"telemetry-routes.d.ts","sourceRoot":"","sources":["../src/telemetry-routes.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAC;AAEjE,OAAO,EAAyB,KAAK,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAEtF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAItE,KAAK,iBAAiB,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;AAC7D,KAAK,iBAAiB,GAAG,MAAM,GAAG,KAAK,CAAC;AAExC,UAAU,eAAe;IACvB,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACpC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACpC,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACpC,QAAQ,CAAC,OAAO,CAAC,EAAE,SAAS,kBAAkB,EAAE,GAAG,SAAS,CAAC;IAC7D,QAAQ,CAAC,UAAU,CAAC,EAAE,SAAS,MAAM,EAAE,GAAG,SAAS,CAAC;IACpD,QAAQ,CAAC,QAAQ,CAAC,EAAE,iBAAiB,GAAG,SAAS,CAAC;IAClD,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACtC,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACxC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACrC,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACtC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACrC,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACrC,QAAQ,CAAC,IAAI,CAAC,EAAE,iBAAiB,GAAG,SAAS,CAAC;CAC/C;AAED,UAAU,gBAAgB;IACxB,WAAW,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG;QACrF,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;QAC7B,QAAQ,CAAC,IAAI,EAAE,iBAAiB,CAAC;QACjC,QAAQ,CAAC,aAAa,EAAE,OAAO,CAAC;QAChC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;QAC1B,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC;QACjC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC;KAC9B,CAAC;IACF,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IACjG,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IACjG,YAAY,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC;IAChG,YAAY,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,aAAa,EAAE,OAAO,GAAG,QAAQ,CAAC;IAC/G,sBAAsB,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC;IAClF,oBAAoB,CAAC,MAAM,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC;IAChF,uBAAuB,IAAI,OAAO,CAAC;CACpC;AAED;;;;GAIG;AACH,UAAU,mBAAmB;IAC3B,2EAA2E;IAC3E,UAAU,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACnD,4EAA4E;IAC5E,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACrD,qFAAqF;IACrF,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;CACvD;AAED,UAAU,qBAAqB;IAC7B,QAAQ,CAAC,YAAY,EAAE,gBAAgB,GAAG,IAAI,CAAC;IAC/C,QAAQ,CAAC,6BAA6B,EAAE,CAAC,GAAG,EAAE,OAAO,KAAK,sBAAsB,GAAG,IAAI,CAAC;IACxF;;;;;;;;OAQG;IACH,QAAQ,CAAC,UAAU,EAAE,mBAAmB,GAAG,IAAI,CAAC;CACjD;AAyQD,wBAAgB,kCAAkC,CAChD,OAAO,EAAE,qBAAqB,GAC7B,4BAA4B,CA4H9B"}

package/dist/telemetry-routes.js

@@ -1,7 +1,8 @@
+import { jsonErrorResponse } from './error-response.js';
 import { buildMissingScopeBody } from './http-policy.js';
 import { decodeOtlpProtobuf } from './otlp-protobuf.js';
 import { DaemonErrorCategory } from '@pellux/goodvibes-errors';
-import { readBoundedPositiveInteger, readOptionalBoundedInteger } from './route-helpers.js';
+import { hasAnyScope, readBoundedPositiveInteger, readOptionalBoundedInteger } from './route-helpers.js';
 const MAX_TELEMETRY_TIMESTAMP_MS = Date.UTC(2100, 0, 1);
 function parseLimit(value) {
     if (value === null || value.trim().length === 0)
@@ -65,6 +66,7 @@ const OTLP_PARTIAL_SUCCESS_KEYS = {
     traces: 'partialSuccess',
     metrics: 'partialSuccess',
 };
+const OTLP_INGEST_SCOPES = ['ingest:telemetry', 'write:telemetry'];
 /**
  * Validate and parse an OTLP HTTP ingest request body.
  * Returns a parsed JSON Record on success, or a Response (error) on failure.
@@ -73,20 +75,29 @@ const OTLP_PARTIAL_SUCCESS_KEYS = {
  * requests for logs, traces, and metrics.
  */
 async function parseOtlpBody(req, kind) {
-    const contentType = (req.headers.get('content-type') ?? '').toLowerCase().split(';')[0].trim();
+    const contentType = ((req.headers.get('content-type') ?? '').toLowerCase().split(';')[0] ?? '').trim();
     const acceptsJson = contentType === OTLP_JSON_CONTENT_TYPE;
     const acceptsProtobuf = OTLP_PROTOBUF_CONTENT_TYPES.has(contentType);
     if (!acceptsJson && !acceptsProtobuf) {
-        return Response.json({
+        return jsonErrorResponse({
             error: `Unsupported Content-Type '${contentType}' for OTLP ingest`,
             code: 'UNSUPPORTED_MEDIA_TYPE',
             category: DaemonErrorCategory.BAD_REQUEST,
             hint: `Use '${OTLP_JSON_CONTENT_TYPE}' or 'application/x-protobuf'.`,
         }, { status: 415 });
     }
+    // reject oversized requests before buffering the body into memory.
+    const contentLength = Number(req.headers.get('content-length'));
+    if (!Number.isNaN(contentLength) && contentLength > OTLP_INGEST_MAX_BODY_BYTES) {
+        return jsonErrorResponse({
+            error: `OTLP ingest payload too large (Content-Length: ${contentLength} > ${OTLP_INGEST_MAX_BODY_BYTES} bytes)`,
+            code: 'PAYLOAD_TOO_LARGE',
+            category: DaemonErrorCategory.BAD_REQUEST,
+        }, { status: 413 });
+    }
     const raw = await req.arrayBuffer();
     if (raw.byteLength > OTLP_INGEST_MAX_BODY_BYTES) {
-        return Response.json({
+        return jsonErrorResponse({
             error: `OTLP ingest payload too large (${raw.byteLength} > ${OTLP_INGEST_MAX_BODY_BYTES} bytes)`,
             code: 'PAYLOAD_TOO_LARGE',
             category: DaemonErrorCategory.BAD_REQUEST,
@@ -96,22 +107,20 @@ async function parseOtlpBody(req, kind) {
         try {
             return decodeOtlpProtobuf(kind, new Uint8Array(raw));
         }
-        catch (error) {
-            void error;
-            return Response.json({ error: 'OTLP ingest body is not valid protobuf', code: 'INVALID_PAYLOAD', category: DaemonErrorCategory.BAD_REQUEST }, { status: 400 });
+        catch {
+            return jsonErrorResponse({ error: 'OTLP ingest body is not valid protobuf', code: 'INVALID_PAYLOAD', category: DaemonErrorCategory.BAD_REQUEST }, { status: 400 });
         }
     }
     try {
         const text = new TextDecoder().decode(raw);
         const parsed = JSON.parse(text);
         if (typeof parsed !== 'object' || parsed === null || Array.isArray(parsed)) {
-            return Response.json({ error: 'OTLP ingest body must be a JSON object', code: 'INVALID_PAYLOAD', category: DaemonErrorCategory.BAD_REQUEST }, { status: 400 });
+            return jsonErrorResponse({ error: 'OTLP ingest body must be a JSON object', code: 'INVALID_PAYLOAD', category: DaemonErrorCategory.BAD_REQUEST }, { status: 400 });
         }
         return parsed;
     }
-    catch (error) {
-        void error;
-        return Response.json({ error: 'OTLP ingest body is not valid JSON', code: 'INVALID_PAYLOAD', category: DaemonErrorCategory.BAD_REQUEST }, { status: 400 });
+    catch {
+        return jsonErrorResponse({ error: 'OTLP ingest body is not valid JSON', code: 'INVALID_PAYLOAD', category: DaemonErrorCategory.BAD_REQUEST }, { status: 400 });
     }
 }
 function otlpIngestSuccess(kind) {
@@ -119,8 +128,27 @@ function otlpIngestSuccess(kind) {
     // partialSuccess omitted when empty (all records accepted).
     return Response.json({ [OTLP_PARTIAL_SUCCESS_KEYS[kind]]: {} });
 }
+function authenticateTelemetryIngest(context, req) {
+    const principal = context.resolveAuthenticatedPrincipal(req);
+    if (!principal) {
+        return jsonErrorResponse({ error: 'Authentication required for OTLP ingest', code: 'AUTH_REQUIRED', category: DaemonErrorCategory.AUTHENTICATION, status: 401 }, { status: 401 });
+    }
+    if (!principal.admin && !hasAnyScope(principal.scopes, OTLP_INGEST_SCOPES)) {
+        return jsonErrorResponse({
+            error: `Missing required telemetry ingest scope: ${OTLP_INGEST_SCOPES.join(' or ')}`,
+            code: 'MISSING_SCOPE',
+            category: DaemonErrorCategory.AUTHORIZATION,
+            source: 'permission',
+            recoverable: false,
+            requiredScopes: [...OTLP_INGEST_SCOPES],
+            grantedScopes: [...principal.scopes],
+            status: 403,
+        }, { status: 403 });
+    }
+    return principal;
+}
 function unavailable() {
-    return Response.json({
+    return jsonErrorResponse({
         error: 'Telemetry API unavailable',
         code: 'TELEMETRY_UNAVAILABLE',
         category: DaemonErrorCategory.SERVICE,
@@ -131,7 +159,7 @@ function unavailable() {
     }, { status: 503 });
 }
 function invalidCursor(error) {
-    return Response.json({
+    return jsonErrorResponse({
         error: error instanceof Error ? error.message : 'Invalid telemetry cursor',
         code: 'INVALID_CURSOR',
         category: DaemonErrorCategory.BAD_REQUEST,
@@ -144,7 +172,7 @@ function invalidCursor(error) {
 function authenticateTelemetryRequest(context, req, requestedView) {
     const principal = context.resolveAuthenticatedPrincipal(req);
     if (!principal) {
-        return Response.json({
+        return jsonErrorResponse({
             error: 'Authentication required for telemetry access',
             code: 'AUTH_REQUIRED',
             category: DaemonErrorCategory.AUTHENTICATION,
@@ -156,7 +184,7 @@ function authenticateTelemetryRequest(context, req, requestedView) {
     }
     const missingRead = buildMissingScopeBody('telemetry access', ['read:telemetry'], principal.scopes);
     if (missingRead) {
-        return Response.json({
+        return jsonErrorResponse({
             error: missingRead.error,
             code: 'MISSING_SCOPE',
             category: DaemonErrorCategory.AUTHORIZATION,
@@ -164,12 +192,12 @@ function authenticateTelemetryRequest(context, req, requestedView) {
             recoverable: false,
             hint: 'Use a token or session with the read:telemetry scope, or elevate to an admin/shared-token session.',
             status: 403,
-            detail: JSON.stringify(missingRead),
+            detail: missingRead,
         }, { status: 403 });
     }
     const rawAccessible = principal.admin || principal.scopes.includes('read:telemetry-sensitive');
     if (requestedView === 'raw' && !rawAccessible) {
-        return Response.json({
+        return jsonErrorResponse({
             error: 'Raw telemetry view requires elevated telemetry scope',
             code: 'MISSING_SCOPE',
             category: DaemonErrorCategory.AUTHORIZATION,
@@ -307,10 +335,9 @@ export function createDaemonTelemetryRouteHandlers(context) {
         // OTLP POST ingest receivers
         // -------------------------------------------------------------------------
         postTelemetryOtlpLogs: async (req) => {
-            const auth = context.resolveAuthenticatedPrincipal(req);
-            if (!auth) {
-                return Response.json({ error: 'Authentication required for OTLP ingest', code: 'AUTH_REQUIRED', category: DaemonErrorCategory.AUTHENTICATION, status: 401 }, { status: 401 });
-            }
+            const auth = authenticateTelemetryIngest(context, req);
+            if (auth instanceof Response)
+                return auth;
             const bodyOrErr = await parseOtlpBody(req, 'logs');
             if (bodyOrErr instanceof Response)
                 return bodyOrErr;
@@ -318,10 +345,9 @@ export function createDaemonTelemetryRouteHandlers(context) {
             return otlpIngestSuccess('logs');
         },
         postTelemetryOtlpTraces: async (req) => {
-            const auth = context.resolveAuthenticatedPrincipal(req);
-            if (!auth) {
-                return Response.json({ error: 'Authentication required for OTLP ingest', code: 'AUTH_REQUIRED', category: DaemonErrorCategory.AUTHENTICATION, status: 401 }, { status: 401 });
-            }
+            const auth = authenticateTelemetryIngest(context, req);
+            if (auth instanceof Response)
+                return auth;
             const bodyOrErr = await parseOtlpBody(req, 'traces');
             if (bodyOrErr instanceof Response)
                 return bodyOrErr;
@@ -329,10 +355,9 @@ export function createDaemonTelemetryRouteHandlers(context) {
             return otlpIngestSuccess('traces');
         },
         postTelemetryOtlpMetrics: async (req) => {
-            const auth = context.resolveAuthenticatedPrincipal(req);
-            if (!auth) {
-                return Response.json({ error: 'Authentication required for OTLP ingest', code: 'AUTH_REQUIRED', category: DaemonErrorCategory.AUTHENTICATION, status: 401 }, { status: 401 });
-            }
+            const auth = authenticateTelemetryIngest(context, req);
+            if (auth instanceof Response)
+                return auth;
             const bodyOrErr = await parseOtlpBody(req, 'metrics');
             if (bodyOrErr instanceof Response)
                 return bodyOrErr;