@peonai/swarm 0.1.1 → 0.2.0

package/bin/swarm.mjs

@@ -1,9 +1,72 @@
 #!/usr/bin/env node
+import { createInterface } from 'readline';
 import { execSync } from 'child_process';
-import { existsSync } from 'fs';
-import { join, dirname } from 'path';
-import { fileURLToPath } from 'url';
+import { writeFileSync, mkdirSync, existsSync } from 'fs';
 
-const root = join(dirname(fileURLToPath(import.meta.url)), '..');
-const cmd = process.argv.includes('--dev') ? 'npm run dev' : 'npm run build && npm run start';
-execSync(cmd, { cwd: root, stdio: 'inherit', env: { ...process.env } });
+const rl = createInterface({ input: process.stdin, output: process.stdout });
+const ask = (q, def) => new Promise(r => rl.question(`${q}${def ? ` [${def}]` : ''}: `, a => r(a.trim() || def || '')));
+
+async function main() {
+  console.log('\n🐝 Swarm AI Setup\n');
+
+  const installDir = await ask('Install directory', '/opt/swarm');
+  const port = await ask('Port', '3777');
+
+  console.log('\n📐 Embedding (optional, for semantic search)');
+  const embedUrl = await ask('Embedding API URL (empty to skip)', '');
+  let embedKey = '', embedModel = '';
+  if (embedUrl) {
+    embedKey = await ask('API Key', '');
+    embedModel = await ask('Model', 'embedding-3');
+  }
+
+  const adminToken = await ask('\n🔑 Admin token', 'swarm-' + Math.random().toString(36).slice(2, 10));
+
+  // Clone & build
+  console.log(`\n📦 Installing to ${installDir}...`);
+  mkdirSync(installDir, { recursive: true });
+
+  if (!existsSync(`${installDir}/package.json`)) {
+    console.log('   Cloning from GitHub...');
+    execSync(`git clone --depth 1 https://github.com/peonai/swarm.git ${installDir}`, { stdio: 'inherit' });
+  }
+
+  console.log('   Installing dependencies...');
+  execSync('npm install --production=false', { cwd: installDir, stdio: 'inherit' });
+
+  console.log('   Building...');
+  execSync('npm run build', { cwd: installDir, stdio: 'inherit' });
+
+  // Write .env
+  const env = [
+    `PORT=${port}`,
+    `SWARM_ADMIN_TOKEN=${adminToken}`,
+    embedUrl && `EMBED_URL=${embedUrl}`,
+    embedKey && `EMBED_KEY=${embedKey}`,
+    embedModel && `EMBED_MODEL=${embedModel}`,
+  ].filter(Boolean).join('\n');
+  writeFileSync(`${installDir}/.env`, env);
+
+  // Systemd
+  const useSvc = (await ask('\nInstall as systemd service? (y/n)', 'y')).toLowerCase();
+  if (useSvc === 'y') {
+    const unit = `[Unit]\nDescription=Swarm AI\nAfter=network.target\n\n[Service]\nType=simple\nWorkingDirectory=${installDir}\nEnvironmentFile=${installDir}/.env\nExecStart=/usr/bin/env node ${installDir}/.next/standalone/server.js\nRestart=on-failure\n\n[Install]\nWantedBy=multi-user.target`;
+    try {
+      writeFileSync('/etc/systemd/system/swarm.service', unit);
+      execSync('systemctl daemon-reload && systemctl enable swarm && systemctl start swarm');
+      console.log(`\n✅ Swarm AI running on port ${port}`);
+      console.log('   systemctl status swarm');
+    } catch {
+      console.log('\n⚠️  Need root for systemd. Run with sudo, or start manually.');
+    }
+  } else {
+    console.log(`\n🚀 Start: cd ${installDir} && node .next/standalone/server.js`);
+  }
+
+  console.log(`\n🔑 Admin: ${adminToken}`);
+  console.log(`📡 API: http://localhost:${port}/api/v1/`);
+  console.log(`🌐 Dashboard: http://localhost:${port}\n`);
+  rl.close();
+}
+
+main().catch(e => { console.error(e); process.exit(1); });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@peonai/swarm",
-  "version": "0.1.1",
+  "version": "0.2.0",
   "description": "Cross-agent user profile sync \u2014 let every AI agent know your user without re-teaching",
   "repository": {
     "type": "git",
@@ -40,5 +40,10 @@
   "bin": {
     "swarm": "./bin/swarm.mjs"
   },
-  "type": "module"
+  "type": "module",
+  "files": [
+    "bin/",
+    "README.md",
+    "package.json"
+  ]
 }

package/.dockerignore

@@ -1,6 +0,0 @@
-node_modules
-.next
-data
-*.db
-.git
-.env

package/Dockerfile

@@ -1,9 +0,0 @@
-FROM node:24-alpine
-WORKDIR /app
-COPY package.json package-lock.json ./
-RUN npm ci --production=false
-COPY . .
-RUN npm run build
-ENV NODE_ENV=production PORT=3777
-EXPOSE 3777
-CMD ["npm", "start"]

package/app/api/health/route.ts

@@ -1,2 +0,0 @@
-import { NextResponse } from 'next/server';
-export function GET() { return NextResponse.json({ ok: true, version: '0.1.0' }); }

package/app/api/v1/admin/agents/[id]/route.ts

@@ -1,12 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextRequest, NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-export const DELETE = withAdmin(async (req, userId) => {
-  await initSchema();
-  const id = req.nextUrl.pathname.split('/').pop() ?? '';
-  await db.prepare('DELETE FROM agents WHERE id = ? AND user_id = ?').run(id, userId);
-  return NextResponse.json({ ok: true });
-});

package/app/api/v1/admin/agents/route.ts

@@ -1,31 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-export const GET = withAdmin(async (_req, userId) => {
-  await initSchema();
-  const rows = await db.prepare('SELECT id, name, permissions, persona, created_at FROM agents WHERE user_id = ?').all(userId) as any[];
-  return NextResponse.json(rows.map(a => ({ ...a, persona: a.persona ? JSON.parse(a.persona) : null })));
-});
-
-export const POST = withAdmin(async (req, userId) => {
-  await initSchema();
-  const { id, name, permissions = 'read,write' } = await req.json();
-  const agentId = id || crypto.randomUUID().slice(0, 12);
-  const apiKey = `swarm_${crypto.randomUUID().replace(/-/g, '')}`;
-  await db.prepare('INSERT INTO agents (id, user_id, name, api_key, permissions) VALUES (?,?,?,?,?)').run(agentId, userId, name || agentId, apiKey, permissions);
-  return NextResponse.json({ id: agentId, apiKey, permissions });
-});
-
-export const PATCH = withAdmin(async (req, userId) => {
-  await initSchema();
-  const { id, persona, name } = await req.json();
-  if (!id) return NextResponse.json({ error: 'Missing agent id' }, { status: 400 });
-  if (persona !== undefined)
-    await db.prepare('UPDATE agents SET persona = ? WHERE id = ? AND user_id = ?').run(JSON.stringify(persona), id, userId);
-  if (name !== undefined)
-    await db.prepare('UPDATE agents SET name = ? WHERE id = ? AND user_id = ?').run(name, id, userId);
-  return NextResponse.json({ ok: true });
-});

package/app/api/v1/admin/audit/route.ts

@@ -1,23 +0,0 @@
-export const dynamic = 'force-dynamic';
-import { NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-export const GET = withAdmin(async (req, userId) => {
-  await initSchema();
-  const { searchParams } = req.nextUrl;
-  const limit = Number(searchParams.get('limit') || 50);
-  const action = searchParams.get('action');
-  const agent = searchParams.get('agent');
-
-  let sql = 'SELECT * FROM audit_log WHERE user_id = ?';
-  const params: any[] = [userId];
-  if (action) { sql += ' AND action = ?'; params.push(action); }
-  if (agent) { sql += ' AND agent_id = ?'; params.push(agent); }
-  sql += ' ORDER BY created_at DESC LIMIT ?';
-  params.push(limit);
-
-  const rows = await db.prepare(sql).all(...params);
-  return NextResponse.json(rows);
-});

package/app/api/v1/admin/cleanup/route.ts

@@ -1,21 +0,0 @@
-export const dynamic = 'force-dynamic';
-import { NextResponse } from 'next/server';
-import db, { isPg } from '@/lib/db';
-import { initSchema, logAudit, ensureDefaultUser } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-const NOW = isPg ? 'NOW()' : "datetime('now')";
-
-export const POST = withAdmin(async (_req, userId) => {
-  await initSchema();
-  const expired = await db.prepare(
-    `SELECT COUNT(*) as count FROM profiles WHERE expires_at IS NOT NULL AND expires_at < ${NOW}`
-  ).get() as any;
-
-  await db.prepare(
-    `DELETE FROM profiles WHERE expires_at IS NOT NULL AND expires_at < ${NOW}`
-  ).run();
-
-  await logAudit(userId, null, 'cleanup', 'profiles', undefined, `${expired?.count || 0} expired entries removed`);
-  return NextResponse.json({ ok: true, removed: expired?.count || 0 });
-});

package/app/api/v1/admin/export/route.ts

@@ -1,15 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-export const GET = withAdmin(async (_req, userId) => {
-  await initSchema();
-  const profiles = await db.prepare('SELECT layer, key, value, confidence, source, tags, updated_at FROM profiles WHERE user_id = ?').all(userId);
-  const agents = await db.prepare('SELECT id, name, permissions, persona, created_at FROM agents WHERE user_id = ?').all(userId);
-  const memories = await db.prepare('SELECT key, content, source, tags, type, importance, entities, created_at FROM memories WHERE user_id = ?').all(userId);
-  return NextResponse.json({ exported_at: new Date().toISOString(), profiles, agents, memories }, {
-    headers: { 'Content-Disposition': 'attachment; filename="swarm-export.json"' },
-  });
-});

package/app/api/v1/admin/history/route.ts

@@ -1,23 +0,0 @@
-export const dynamic = 'force-dynamic';
-import { NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-export const GET = withAdmin(async (req, userId) => {
-  await initSchema();
-  const { searchParams } = req.nextUrl;
-  const limit = Number(searchParams.get('limit') || 50);
-  const layer = searchParams.get('layer');
-  const key = searchParams.get('key');
-
-  let sql = 'SELECT * FROM profile_history WHERE user_id = ?';
-  const params: any[] = [userId];
-  if (layer) { sql += ' AND layer = ?'; params.push(layer); }
-  if (key) { sql += ' AND key = ?'; params.push(key); }
-  sql += ' ORDER BY created_at DESC LIMIT ?';
-  params.push(limit);
-
-  const rows = await db.prepare(sql).all(...params);
-  return NextResponse.json(rows);
-});

package/app/api/v1/admin/profile/route.ts

@@ -1,23 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextRequest, NextResponse } from 'next/server';
-import db, { isPg } from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAdmin } from '@/lib/auth';
-
-const NOW = isPg ? 'NOW()' : "datetime('now')";
-
-export const GET = withAdmin(async (_req, userId) => {
-  await initSchema();
-  const rows = await db.prepare('SELECT * FROM profiles WHERE user_id = ? ORDER BY layer, key').all(userId) as any[];
-  return NextResponse.json(rows.map((r: any) => ({ ...r, value: JSON.parse(r.value) })));
-});
-
-export const PUT = withAdmin(async (req, userId) => {
-  await initSchema();
-  const { entries } = await req.json();
-  const sql = `INSERT INTO profiles (user_id, layer, key, value, source, updated_at)
-    VALUES (?, ?, ?, ?, 'admin', ${NOW})
-    ON CONFLICT(user_id, layer, key) DO UPDATE SET value=${isPg ? 'EXCLUDED' : 'excluded'}.value, source='admin', updated_at=${NOW}`;
-  for (const e of entries) await db.prepare(sql).run(userId, e.layer, e.key, JSON.stringify(e.value));
-  return NextResponse.json({ ok: true });
-});

package/app/api/v1/admin/settings/route.ts

@@ -1,44 +0,0 @@
-export const dynamic = 'force-dynamic';
-import { NextResponse } from 'next/server';
-import { withAdmin } from '@/lib/auth';
-import { getEmbeddingConfig } from '@/lib/embedding';
-import { writeFileSync, readFileSync, existsSync } from 'fs';
-import { join } from 'path';
-
-const ENV_PATH = join(process.cwd(), '.env.local');
-
-function readEnv(): Record<string, string> {
-  if (!existsSync(ENV_PATH)) return {};
-  const lines = readFileSync(ENV_PATH, 'utf8').split('\n');
-  const env: Record<string, string> = {};
-  for (const l of lines) {
-    const m = l.match(/^([^=]+)=(.*)$/);
-    if (m) env[m[1]] = m[2];
-  }
-  return env;
-}
-
-function writeEnv(env: Record<string, string>) {
-  writeFileSync(ENV_PATH, Object.entries(env).map(([k, v]) => `${k}=${v}`).join('\n') + '\n');
-}
-
-export const GET = withAdmin(async () => {
-  return NextResponse.json({
-    embedding: getEmbeddingConfig(),
-    adminToken: process.env.SWARM_ADMIN_TOKEN || 'swarm-admin-dev',
-    port: process.env.PORT || '3777',
-  });
-});
-
-export const PATCH = withAdmin(async (req) => {
-  const { embedding } = await req.json();
-  if (!embedding) return NextResponse.json({ error: 'Missing embedding' }, { status: 400 });
-
-  const env = readEnv();
-  if (embedding.url !== undefined) env.EMBED_URL = embedding.url;
-  if (embedding.key !== undefined) env.EMBED_KEY = embedding.key;
-  if (embedding.model !== undefined) env.EMBED_MODEL = embedding.model;
-  writeEnv(env);
-
-  return NextResponse.json({ ok: true, note: 'Restart server to apply changes' });
-});

package/app/api/v1/auth/route.ts

@@ -1,5 +0,0 @@
-import { NextResponse } from 'next/server';
-
-export async function POST() {
-  return NextResponse.json({ error: 'Auth disabled' }, { status: 410 });
-}

package/app/api/v1/memory/route.ts

@@ -1,105 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextResponse } from 'next/server';
-import db, { isPg } from '@/lib/db';
-import { initSchema, logAudit } from '@/lib/schema';
-import { withAuthOrAdmin } from '@/lib/auth';
-import { embed, cosine } from '@/lib/embedding';
-
-export const GET = withAuthOrAdmin(async (req, agent) => {
-  await initSchema();
-  const { searchParams } = req.nextUrl;
-  const q = searchParams.get('q');
-  const tag = searchParams.get('tag');
-  const type = searchParams.get('type');
-  const entity = searchParams.get('entity');
-  const since = searchParams.get('since');
-  const limit = Number(searchParams.get('limit') || 50);
-
-  const mode = searchParams.get('mode'); // 'semantic' | null (default: fts)
-
-  // Semantic search mode
-  if (q && mode === 'semantic') {
-    const qVec = await embed(q);
-    const all = await db.prepare('SELECT * FROM memories WHERE user_id = ? AND embedding IS NOT NULL ORDER BY created_at DESC')
-      .all(agent.userId) as any[];
-    const scored = all.map(m => ({ ...m, score: cosine(qVec, JSON.parse(m.embedding)) }))
-      .sort((a, b) => b.score - a.score).slice(0, limit);
-    return NextResponse.json(scored.map(r => ({
-      ...r, embedding: undefined,
-      tags: r.tags?.split(',').filter(Boolean) || [],
-      entities: r.entities?.split(',').filter(Boolean) || [],
-    })));
-  }
-
-  let sql: string, params: any[];
-
-  if (q) {
-    const hasCJK = /[\u4e00-\u9fff\u3040-\u309f\u30a0-\u30ff]/.test(q);
-    if (isPg) {
-      sql = hasCJK
-        ? `SELECT * FROM memories WHERE user_id = ? AND content LIKE ? ORDER BY created_at DESC LIMIT ?`
-        : `SELECT *, ts_rank(to_tsvector('english', content), plainto_tsquery('english', ?)) AS rank
-           FROM memories WHERE user_id = ? AND to_tsvector('english', content) @@ plainto_tsquery('english', ?)
-           ORDER BY rank DESC LIMIT ?`;
-      params = hasCJK ? [agent.userId, `%${q}%`, limit] : [q, agent.userId, q, limit];
-    } else {
-      if (hasCJK) {
-        sql = `SELECT * FROM memories WHERE user_id = ? AND content LIKE ? ORDER BY created_at DESC LIMIT ?`;
-        params = [agent.userId, `%${q}%`, limit];
-      } else {
-        sql = `SELECT m.*, rank FROM memories m JOIN memories_fts ON memories_fts.rowid = m.id
-          WHERE m.user_id = ? AND memories_fts MATCH ? ORDER BY rank LIMIT ?`;
-        params = [agent.userId, q, limit];
-      }
-    }
-  } else {
-    sql = 'SELECT * FROM memories WHERE user_id = ?';
-    params = [agent.userId];
-    if (tag) { sql += ' AND tags LIKE ?'; params.push(`%${tag}%`); }
-    if (type) { sql += ' AND type = ?'; params.push(type); }
-    if (entity) { sql += ' AND entities LIKE ?'; params.push(`%${entity}%`); }
-    if (since) { sql += ' AND created_at >= ?'; params.push(since); }
-    sql += ' ORDER BY created_at DESC LIMIT ?';
-    params.push(limit);
-  }
-
-  const rows = await db.prepare(sql).all(...params) as any[];
-  return NextResponse.json(rows.map(r => ({
-    ...r,
-    tags: r.tags?.split(',').filter(Boolean) || [],
-    entities: r.entities?.split(',').filter(Boolean) || [],
-  })));
-});
-
-export const POST = withAuthOrAdmin(async (req, agent) => {
-  await initSchema();
-  if (!agent.permissions.includes('write')) return NextResponse.json({ error: 'No write permission' }, { status: 403 });
-  const { key, content, tags, type, importance, entities } = await req.json();
-  if (!content) return NextResponse.json({ error: 'Missing content' }, { status: 400 });
-
-  const tagsStr = Array.isArray(tags) ? tags.join(',') : tags || null;
-  const entStr = Array.isArray(entities) ? entities.join(',') : entities || null;
-
-  await db.prepare(`INSERT INTO memories (user_id, key, content, source, tags, type, importance, entities, embedding)
-    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)`)
-    .run(agent.userId, key || null, content, agent.id, tagsStr, type || 'observation', importance ?? 0.5, entStr, null);
-
-  // Background embed — don't block response
-  embed(content).then(async vec => {
-    const rows = await db.prepare('SELECT id FROM memories WHERE user_id = ? AND content = ? ORDER BY id DESC LIMIT 1').all(agent.userId, content) as any[];
-    if (rows[0]) await db.prepare('UPDATE memories SET embedding = ? WHERE id = ?').run(JSON.stringify(vec), rows[0].id);
-  }).catch(() => {});
-
-  await logAudit(agent.userId, agent.id, 'memory.write', 'memory', key || undefined, content.slice(0, 100));
-  return NextResponse.json({ ok: true });
-});
-
-export const DELETE = withAuthOrAdmin(async (req, agent) => {
-  await initSchema();
-  if (!agent.permissions.includes('write')) return NextResponse.json({ error: 'No write permission' }, { status: 403 });
-  const { id } = await req.json();
-  if (!id) return NextResponse.json({ error: 'Missing id' }, { status: 400 });
-  await db.prepare('DELETE FROM memories WHERE id = ? AND user_id = ?').run(id, agent.userId);
-  await logAudit(agent.userId, agent.id, 'memory.delete', 'memory', String(id));
-  return NextResponse.json({ ok: true });
-});

package/app/api/v1/persona/[agentId]/route.ts

@@ -1,13 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextRequest, NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAuth } from '@/lib/auth';
-
-export const GET = withAuth(async (req: NextRequest & { agentId?: string }, agent) => {
-  await initSchema();
-  const agentId = req.nextUrl.pathname.split('/').pop() ?? '';
-  const row = await db.prepare('SELECT id, name, persona FROM agents WHERE id = ? AND user_id = ?').get(agentId, agent.userId) as any;
-  if (!row) return NextResponse.json({ error: 'Not found' }, { status: 404 });
-  return NextResponse.json({ ...row, persona: row.persona ? JSON.parse(row.persona) : null });
-});

package/app/api/v1/persona/me/route.ts

@@ -1,12 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextResponse } from 'next/server';
-import db from '@/lib/db';
-import { initSchema } from '@/lib/schema';
-import { withAuth } from '@/lib/auth';
-
-export const GET = withAuth(async (_req, agent) => {
-  await initSchema();
-  const row = await db.prepare('SELECT id, name, persona, permissions FROM agents WHERE id = ?').get(agent.id) as any;
-  if (!row) return NextResponse.json({ error: 'Not found' }, { status: 404 });
-  return NextResponse.json({ ...row, persona: row.persona ? JSON.parse(row.persona) : null });
-});

package/app/api/v1/profile/observe/route.ts

@@ -1,34 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextResponse } from 'next/server';
-import db, { isPg } from '@/lib/db';
-import { initSchema, logAudit } from '@/lib/schema';
-import { withAuth } from '@/lib/auth';
-
-const NOW_SQL = isPg ? 'NOW()' : "datetime('now')";
-
-export const POST = withAuth(async (req, agent) => {
-  await initSchema();
-  if (!agent.permissions.includes('write')) return NextResponse.json({ error: 'No write permission' }, { status: 403 });
-  const { observations } = await req.json();
-  if (!Array.isArray(observations)) return NextResponse.json({ error: 'Missing observations array' }, { status: 400 });
-
-  const upsertSql = `INSERT INTO profiles (user_id, layer, key, value, confidence, source, tags, expires_at, updated_at)
-    VALUES (?, ?, ?, ?, ?, ?, ?, ?, ${NOW_SQL})
-    ON CONFLICT(user_id, layer, key) DO UPDATE SET
-      value = CASE WHEN ${isPg ? 'EXCLUDED' : 'excluded'}.confidence > profiles.confidence THEN ${isPg ? 'EXCLUDED' : 'excluded'}.value ELSE profiles.value END,
-      confidence = ${isPg ? `GREATEST(profiles.confidence, EXCLUDED.confidence)` : `MAX(profiles.confidence, excluded.confidence)`},
-      source = CASE WHEN ${isPg ? 'EXCLUDED' : 'excluded'}.confidence > profiles.confidence THEN ${isPg ? 'EXCLUDED' : 'excluded'}.source ELSE profiles.source END,
-      tags = COALESCE(${isPg ? 'EXCLUDED' : 'excluded'}.tags, profiles.tags),
-      expires_at = COALESCE(${isPg ? 'EXCLUDED' : 'excluded'}.expires_at, profiles.expires_at),
-      updated_at = ${NOW_SQL}`;
-
-  for (const obs of observations) {
-    const tags = Array.isArray(obs.tags) ? obs.tags.join(',') : obs.tags || null;
-    const defaultExpiry = (obs.layer || 'context') === 'context' && !obs.expiresAt
-      ? new Date(Date.now() + 86400000).toISOString() : null;
-    await db.prepare(upsertSql).run(agent.userId, obs.layer || 'context', obs.key, JSON.stringify(obs.value),
-      obs.confidence ?? 0.5, agent.id, tags, obs.expiresAt || defaultExpiry);
-  }
-  await logAudit(agent.userId, agent.id, 'profile.observe', 'profile', undefined, `${observations.length} observations`);
-  return NextResponse.json({ ok: true, count: observations.length });
-});

package/app/api/v1/profile/route.ts

@@ -1,72 +0,0 @@
-export const dynamic = "force-dynamic";
-import { NextRequest, NextResponse } from 'next/server';
-import db, { isPg } from '@/lib/db';
-import { initSchema, logAudit, logProfileHistory } from '@/lib/schema';
-import { withAuth } from '@/lib/auth';
-
-const NOW = isPg ? 'NOW()' : "datetime('now')";
-
-export const GET = withAuth(async (req, agent) => {
-  await initSchema();
-  const layer = req.nextUrl.searchParams.get('layer');
-  const tag = req.nextUrl.searchParams.get('tag');
-
-  let sql = 'SELECT layer, key, value, confidence, source, tags, expires_at, updated_at FROM profiles WHERE user_id = ?';
-  const params: any[] = [agent.userId];
-  sql += ` AND (expires_at IS NULL OR expires_at > ${NOW})`;
-  if (layer) { sql += ' AND layer = ?'; params.push(layer); }
-  if (tag) { sql += ' AND tags LIKE ?'; params.push(`%${tag}%`); }
-  sql += ' ORDER BY layer, key';
-
-  const rows = await db.prepare(sql).all(...params) as any[];
-  const profile: Record<string, Record<string, any>> = {};
-  for (const r of rows) {
-    if (!profile[r.layer]) profile[r.layer] = {};
-    profile[r.layer][r.key] = {
-      value: JSON.parse(r.value), confidence: r.confidence,
-      source: r.source, tags: r.tags?.split(',').filter(Boolean) || [],
-      expiresAt: r.expires_at, updatedAt: r.updated_at,
-    };
-  }
-  return NextResponse.json(profile);
-});
-
-export const PATCH = withAuth(async (req, agent) => {
-  await initSchema();
-  if (!agent.permissions.includes('write')) return NextResponse.json({ error: 'No write permission' }, { status: 403 });
-  const { layer, entries } = await req.json();
-  if (!layer || !entries) return NextResponse.json({ error: 'Missing layer or entries' }, { status: 400 });
-
-  const upsertSql = isPg
-    ? `INSERT INTO profiles (user_id, layer, key, value, confidence, source, tags, expires_at, updated_at)
-       VALUES (?, ?, ?, ?, ?, ?, ?, ?, NOW())
-       ON CONFLICT(user_id, layer, key) DO UPDATE SET value=EXCLUDED.value, confidence=EXCLUDED.confidence,
-       source=EXCLUDED.source, tags=EXCLUDED.tags, expires_at=EXCLUDED.expires_at, updated_at=NOW()`
-    : `INSERT INTO profiles (user_id, layer, key, value, confidence, source, tags, expires_at, updated_at)
-       VALUES (?, ?, ?, ?, ?, ?, ?, ?, datetime('now'))
-       ON CONFLICT(user_id, layer, key) DO UPDATE SET value=excluded.value, confidence=excluded.confidence,
-       source=excluded.source, tags=excluded.tags, expires_at=excluded.expires_at, updated_at=excluded.updated_at`;
-
-  for (const [key, val] of Object.entries(entries)) {
-    const v = typeof val === 'object' && val !== null && 'value' in (val as any) ? (val as any) : { value: val };
-    const tags = Array.isArray(v.tags) ? v.tags.join(',') : v.tags || null;
-    // Get old value for history
-    const old = await db.prepare('SELECT value FROM profiles WHERE user_id = ? AND layer = ? AND key = ?').get(agent.userId, layer, key) as any;
-    await db.prepare(upsertSql).run(agent.userId, layer, key, JSON.stringify(v.value), v.confidence ?? 1.0, agent.id, tags, v.expiresAt || null);
-    await logProfileHistory(agent.userId, layer, key, old?.value || null, JSON.stringify(v.value), agent.id);
-  }
-  await logAudit(agent.userId, agent.id, 'profile.update', 'profile', layer, `${Object.keys(entries).length} entries`);
-  return NextResponse.json({ ok: true });
-});
-
-export const DELETE = withAuth(async (req, agent) => {
-  await initSchema();
-  if (!agent.permissions.includes('write')) return NextResponse.json({ error: 'No write permission' }, { status: 403 });
-  const { layer, key } = await req.json();
-  if (!layer || !key) return NextResponse.json({ error: 'Missing layer or key' }, { status: 400 });
-  const old = await db.prepare('SELECT value FROM profiles WHERE user_id = ? AND layer = ? AND key = ?').get(agent.userId, layer, key) as any;
-  await db.prepare('DELETE FROM profiles WHERE user_id = ? AND layer = ? AND key = ?').run(agent.userId, layer, key);
-  if (old) await logProfileHistory(agent.userId, layer, key, old.value, '(deleted)', agent.id);
-  await logAudit(agent.userId, agent.id, 'profile.delete', 'profile', `${layer}.${key}`);
-  return NextResponse.json({ ok: true });
-});