@pixelbyte-software/pixcode 1.51.1 → 1.51.3

package/scripts/smoke/hermes-rest-codex-launch.mjs

@@ -1,209 +1,209 @@
-import assert from 'node:assert/strict';
-import { createServer } from 'node:http';
-import fs from 'node:fs/promises';
-import fsSync from 'node:fs';
-import os from 'node:os';
-import path from 'node:path';
-import { fileURLToPath } from 'node:url';
-
-import {
-  ensureHermesGateway,
-  stopHermesGateway,
-} from '../../server/services/hermes-gateway.js';
-
-const repoRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..', '..');
-const sourceHermesHome = path.join(os.homedir(), '.hermes');
-const hermesHome = await fs.mkdtemp(path.join(os.tmpdir(), 'pixcode-hermes-rest-codex-'));
-const projectPath = path.resolve(process.argv[2] || repoRoot);
-const apiKey = 'px_codex_launch_smoke_key';
-const gatewayKey = 'pixcode-hermes-run-smoke';
-const terminalLaunches = [];
-
-async function copyIfExists(relativePath) {
-  const source = path.join(sourceHermesHome, relativePath);
-  if (!fsSync.existsSync(source)) return;
-  const target = path.join(hermesHome, relativePath);
-  await fs.mkdir(path.dirname(target), { recursive: true });
-  await fs.copyFile(source, target);
-}
-
-async function readJson(req) {
-  let body = '';
-  for await (const chunk of req) {
-    body += chunk.toString();
-  }
-  return body ? JSON.parse(body) : {};
-}
-
-const server = createServer(async (req, res) => {
-  const url = new URL(req.url || '/', 'http://127.0.0.1');
-  res.setHeader('content-type', 'application/json');
-  if (req.headers.authorization !== `Bearer ${apiKey}`) {
-    res.statusCode = 401;
-    res.end(JSON.stringify({ error: 'bad auth' }));
-    return;
-  }
-
-  if (req.method === 'GET' && url.pathname === '/api/projects') {
-    res.end(JSON.stringify([{ name: 'pixcode', displayName: 'Pixcode', fullPath: projectPath, fileCount: 1 }]));
-    return;
-  }
-
-  if (req.method === 'GET' && url.pathname === '/api/providers/codex/auth/status') {
-    res.end(JSON.stringify({ data: { provider: 'codex', installed: true, authenticated: true } }));
-    return;
-  }
-
-  if (req.method === 'GET' && url.pathname === '/api/orchestration/hermes/gateway/status') {
-    res.end(JSON.stringify({ running: true, projectPath, baseUrl: 'http://127.0.0.1:18643' }));
-    return;
-  }
-
-  if (req.method === 'POST' && url.pathname === '/api/orchestration/hermes/gateway/probe') {
-    res.end(JSON.stringify({ ok: true, projectPath, checks: { health: { ok: true } } }));
-    return;
-  }
-
-  if (req.method === 'POST' && url.pathname === '/api/orchestration/hermes/terminal-launches') {
-    const body = await readJson(req);
-    const event = {
-      id: terminalLaunches.length + 1,
-      provider: body.provider,
-      projectPath: body.projectPath,
-      prompt: body.prompt,
-      startupInput: body.startupInput,
-      forceNewSession: Boolean(body.forceNewSession),
-      permissionMode: body.permissionMode,
-      skipPermissions: Boolean(body.skipPermissions),
-      bypassPermissions: Boolean(body.bypassPermissions),
-      source: 'hermes-mcp',
-      createdAt: new Date().toISOString(),
-    };
-    terminalLaunches.push(event);
-    res.statusCode = 201;
-    res.end(JSON.stringify({ event }));
-    return;
-  }
-
-  if (req.method === 'GET' && url.pathname === '/api/shell/sessions/provider-output') {
-    const launchId = Number(url.searchParams.get('launchId') || 0) || null;
-    res.end(JSON.stringify({
-      active: true,
-      provider: url.searchParams.get('provider') || 'codex',
-      projectPath,
-      launchId,
-      terminalState: 'idle',
-      isBusy: false,
-      output: 'Hermes launched Codex through Pixcode MCP\n\n› ',
-    }));
-    return;
-  }
-
-  res.statusCode = 404;
-  res.end(JSON.stringify({ error: url.pathname }));
-});
-
-function listen() {
-  return new Promise((resolve, reject) => {
-    server.once('error', reject);
-    server.listen(0, '127.0.0.1', () => {
-      const address = server.address();
-      resolve(`http://127.0.0.1:${address.port}`);
-    });
-  });
-}
-
-async function gatewayFetch(baseUrl, endpoint, options = {}) {
-  const response = await fetch(`${baseUrl}${endpoint}`, {
-    ...options,
-    headers: {
-      Authorization: `Bearer ${gatewayKey}`,
-      'content-type': 'application/json',
-      ...(options.headers || {}),
-    },
-  });
-  const text = await response.text();
-  let body = null;
-  try {
-    body = text ? JSON.parse(text) : null;
-  } catch {
-    body = text;
-  }
-  return { response, body };
-}
-
-async function pollRun(baseUrl, runId) {
-  const started = Date.now();
-  while (Date.now() - started < 120000) {
-    // eslint-disable-next-line no-await-in-loop
-    const { response, body } = await gatewayFetch(baseUrl, `/v1/runs/${encodeURIComponent(runId)}`);
-    if (!response.ok) {
-      throw new Error(`GET run status failed: HTTP ${response.status} ${JSON.stringify(body)}`);
-    }
-    if (['completed', 'failed', 'cancelled'].includes(body.status)) {
-      return body;
-    }
-    // eslint-disable-next-line no-await-in-loop
-    await new Promise((resolve) => setTimeout(resolve, 1500));
-  }
-  throw new Error(`Hermes run did not finish within 120s: ${runId}`);
-}
-
-await Promise.all([
-  copyIfExists('config.yaml'),
-  copyIfExists('auth.json'),
-  copyIfExists('.env'),
-]);
-
-const pixcodeBaseUrl = await listen();
-try {
-  const gateway = await ensureHermesGateway({
-    appRoot: repoRoot,
-    projectPath,
-    hermesHome,
-    pixcodeBaseUrl,
-    pixcodeApiKey: apiKey,
-    apiServerKey: gatewayKey,
-    port: Number(process.env.PIXCODE_HERMES_CODEX_PORT || 18643),
-  });
-  assert.equal(gateway.running, true, 'Hermes REST gateway should be running before /v1/runs');
-
-  const codexTask = 'Pixcode Hermes REST smoke: create HERMES_CODEX_REST_SMOKE.txt with the text "Hermes launched Codex through Pixcode MCP", then report the changed file path.';
-  const { response, body } = await gatewayFetch(gateway.baseUrl, '/v1/runs', {
-    method: 'POST',
-    body: JSON.stringify({
-      session_id: `pixcode-codex-launch-${Date.now()}`,
-      instructions: [
-        'You are testing Pixcode integration.',
-        'Use the MCP tool named mcp_pixcode_pixcode_open_cli_terminal exactly once.',
-        'Call it with provider="codex", the supplied projectPath, startupInput equal to the supplied task, prompt="Pixcode Hermes REST smoke visible Codex task", forceNewSession=false, and bypassPermissions=true.',
-        'After the tool call, answer with "codex launch requested".',
-      ].join(' '),
-      input: `Call mcp_pixcode_pixcode_open_cli_terminal with provider codex, projectPath ${JSON.stringify(projectPath)}, startupInput ${JSON.stringify(codexTask)}, prompt "Pixcode Hermes REST smoke visible Codex task", forceNewSession false, and bypassPermissions true.`,
-    }),
-  });
-  if (!response.ok || !body?.run_id) {
-    throw new Error(`POST /v1/runs failed: HTTP ${response.status} ${JSON.stringify(body)}`);
-  }
-
-  const status = await pollRun(gateway.baseUrl, body.run_id);
-  if (status.status === 'failed') {
-    throw new Error(`Hermes /v1/runs failed: ${status.error || JSON.stringify(status)}`);
-  }
-
-  const launch = terminalLaunches.find((event) => event.provider === 'codex' && event.startupInput === codexTask);
-  assert(launch, `Hermes run completed but did not request Codex launch. Launches: ${JSON.stringify(terminalLaunches)}`);
-  assert.equal(launch.bypassPermissions, true, 'Hermes Codex launch should request provider permission bypass.');
-  assert.equal(launch.skipPermissions, true, 'Hermes Codex launch should carry skipPermissions for providers that use skip flags.');
-  assert.equal(launch.permissionMode, 'bypassPermissions', 'Hermes Codex launch should use bypassPermissions mode.');
-  assert.equal(launch.forceNewSession, false, 'Hermes Codex launch should continue the visible provider terminal unless a fresh session is explicit.');
-  console.log(JSON.stringify({
-    ok: true,
-    runId: body.run_id,
-    status: status.status,
-    codexLaunch: launch,
-  }, null, 2));
-} finally {
-  stopHermesGateway(projectPath);
-  await new Promise((resolve) => server.close(resolve));
-}
+import assert from 'node:assert/strict';
+import { createServer } from 'node:http';
+import fs from 'node:fs/promises';
+import fsSync from 'node:fs';
+import os from 'node:os';
+import path from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+import {
+  ensureHermesGateway,
+  stopHermesGateway,
+} from '../../server/services/hermes-gateway.js';
+
+const repoRoot = path.resolve(path.dirname(fileURLToPath(import.meta.url)), '..', '..');
+const sourceHermesHome = path.join(os.homedir(), '.hermes');
+const hermesHome = await fs.mkdtemp(path.join(os.tmpdir(), 'pixcode-hermes-rest-codex-'));
+const projectPath = path.resolve(process.argv[2] || repoRoot);
+const apiKey = 'px_codex_launch_smoke_key';
+const gatewayKey = 'pixcode-hermes-run-smoke';
+const terminalLaunches = [];
+
+async function copyIfExists(relativePath) {
+  const source = path.join(sourceHermesHome, relativePath);
+  if (!fsSync.existsSync(source)) return;
+  const target = path.join(hermesHome, relativePath);
+  await fs.mkdir(path.dirname(target), { recursive: true });
+  await fs.copyFile(source, target);
+}
+
+async function readJson(req) {
+  let body = '';
+  for await (const chunk of req) {
+    body += chunk.toString();
+  }
+  return body ? JSON.parse(body) : {};
+}
+
+const server = createServer(async (req, res) => {
+  const url = new URL(req.url || '/', 'http://127.0.0.1');
+  res.setHeader('content-type', 'application/json');
+  if (req.headers.authorization !== `Bearer ${apiKey}`) {
+    res.statusCode = 401;
+    res.end(JSON.stringify({ error: 'bad auth' }));
+    return;
+  }
+
+  if (req.method === 'GET' && url.pathname === '/api/projects') {
+    res.end(JSON.stringify([{ name: 'pixcode', displayName: 'Pixcode', fullPath: projectPath, fileCount: 1 }]));
+    return;
+  }
+
+  if (req.method === 'GET' && url.pathname === '/api/providers/codex/auth/status') {
+    res.end(JSON.stringify({ data: { provider: 'codex', installed: true, authenticated: true } }));
+    return;
+  }
+
+  if (req.method === 'GET' && url.pathname === '/api/orchestration/hermes/gateway/status') {
+    res.end(JSON.stringify({ running: true, projectPath, baseUrl: 'http://127.0.0.1:18643' }));
+    return;
+  }
+
+  if (req.method === 'POST' && url.pathname === '/api/orchestration/hermes/gateway/probe') {
+    res.end(JSON.stringify({ ok: true, projectPath, checks: { health: { ok: true } } }));
+    return;
+  }
+
+  if (req.method === 'POST' && url.pathname === '/api/orchestration/hermes/terminal-launches') {
+    const body = await readJson(req);
+    const event = {
+      id: terminalLaunches.length + 1,
+      provider: body.provider,
+      projectPath: body.projectPath,
+      prompt: body.prompt,
+      startupInput: body.startupInput,
+      forceNewSession: Boolean(body.forceNewSession),
+      permissionMode: body.permissionMode,
+      skipPermissions: Boolean(body.skipPermissions),
+      bypassPermissions: Boolean(body.bypassPermissions),
+      source: 'hermes-mcp',
+      createdAt: new Date().toISOString(),
+    };
+    terminalLaunches.push(event);
+    res.statusCode = 201;
+    res.end(JSON.stringify({ event }));
+    return;
+  }
+
+  if (req.method === 'GET' && url.pathname === '/api/shell/sessions/provider-output') {
+    const launchId = Number(url.searchParams.get('launchId') || 0) || null;
+    res.end(JSON.stringify({
+      active: true,
+      provider: url.searchParams.get('provider') || 'codex',
+      projectPath,
+      launchId,
+      terminalState: 'idle',
+      isBusy: false,
+      output: 'Hermes launched Codex through Pixcode MCP\n\n› ',
+    }));
+    return;
+  }
+
+  res.statusCode = 404;
+  res.end(JSON.stringify({ error: url.pathname }));
+});
+
+function listen() {
+  return new Promise((resolve, reject) => {
+    server.once('error', reject);
+    server.listen(0, '127.0.0.1', () => {
+      const address = server.address();
+      resolve(`http://127.0.0.1:${address.port}`);
+    });
+  });
+}
+
+async function gatewayFetch(baseUrl, endpoint, options = {}) {
+  const response = await fetch(`${baseUrl}${endpoint}`, {
+    ...options,
+    headers: {
+      Authorization: `Bearer ${gatewayKey}`,
+      'content-type': 'application/json',
+      ...(options.headers || {}),
+    },
+  });
+  const text = await response.text();
+  let body = null;
+  try {
+    body = text ? JSON.parse(text) : null;
+  } catch {
+    body = text;
+  }
+  return { response, body };
+}
+
+async function pollRun(baseUrl, runId) {
+  const started = Date.now();
+  while (Date.now() - started < 120000) {
+    // eslint-disable-next-line no-await-in-loop
+    const { response, body } = await gatewayFetch(baseUrl, `/v1/runs/${encodeURIComponent(runId)}`);
+    if (!response.ok) {
+      throw new Error(`GET run status failed: HTTP ${response.status} ${JSON.stringify(body)}`);
+    }
+    if (['completed', 'failed', 'cancelled'].includes(body.status)) {
+      return body;
+    }
+    // eslint-disable-next-line no-await-in-loop
+    await new Promise((resolve) => setTimeout(resolve, 1500));
+  }
+  throw new Error(`Hermes run did not finish within 120s: ${runId}`);
+}
+
+await Promise.all([
+  copyIfExists('config.yaml'),
+  copyIfExists('auth.json'),
+  copyIfExists('.env'),
+]);
+
+const pixcodeBaseUrl = await listen();
+try {
+  const gateway = await ensureHermesGateway({
+    appRoot: repoRoot,
+    projectPath,
+    hermesHome,
+    pixcodeBaseUrl,
+    pixcodeApiKey: apiKey,
+    apiServerKey: gatewayKey,
+    port: Number(process.env.PIXCODE_HERMES_CODEX_PORT || 18643),
+  });
+  assert.equal(gateway.running, true, 'Hermes REST gateway should be running before /v1/runs');
+
+  const codexTask = 'Pixcode Hermes REST smoke: create HERMES_CODEX_REST_SMOKE.txt with the text "Hermes launched Codex through Pixcode MCP", then report the changed file path.';
+  const { response, body } = await gatewayFetch(gateway.baseUrl, '/v1/runs', {
+    method: 'POST',
+    body: JSON.stringify({
+      session_id: `pixcode-codex-launch-${Date.now()}`,
+      instructions: [
+        'You are testing Pixcode integration.',
+        'Use the MCP tool named mcp_pixcode_pixcode_open_cli_terminal exactly once.',
+        'Call it with provider="codex", the supplied projectPath, startupInput equal to the supplied task, prompt="Pixcode Hermes REST smoke visible Codex task", forceNewSession=false, and bypassPermissions=true.',
+        'After the tool call, answer with "codex launch requested".',
+      ].join(' '),
+      input: `Call mcp_pixcode_pixcode_open_cli_terminal with provider codex, projectPath ${JSON.stringify(projectPath)}, startupInput ${JSON.stringify(codexTask)}, prompt "Pixcode Hermes REST smoke visible Codex task", forceNewSession false, and bypassPermissions true.`,
+    }),
+  });
+  if (!response.ok || !body?.run_id) {
+    throw new Error(`POST /v1/runs failed: HTTP ${response.status} ${JSON.stringify(body)}`);
+  }
+
+  const status = await pollRun(gateway.baseUrl, body.run_id);
+  if (status.status === 'failed') {
+    throw new Error(`Hermes /v1/runs failed: ${status.error || JSON.stringify(status)}`);
+  }
+
+  const launch = terminalLaunches.find((event) => event.provider === 'codex' && event.startupInput === codexTask);
+  assert(launch, `Hermes run completed but did not request Codex launch. Launches: ${JSON.stringify(terminalLaunches)}`);
+  assert.equal(launch.bypassPermissions, true, 'Hermes Codex launch should request provider permission bypass.');
+  assert.equal(launch.skipPermissions, true, 'Hermes Codex launch should carry skipPermissions for providers that use skip flags.');
+  assert.equal(launch.permissionMode, 'bypassPermissions', 'Hermes Codex launch should use bypassPermissions mode.');
+  assert.equal(launch.forceNewSession, false, 'Hermes Codex launch should continue the visible provider terminal unless a fresh session is explicit.');
+  console.log(JSON.stringify({
+    ok: true,
+    runId: body.run_id,
+    status: status.status,
+    codexLaunch: launch,
+  }, null, 2));
+} finally {
+  stopHermesGateway(projectPath);
+  await new Promise((resolve) => server.close(resolve));
+}

package/scripts/smoke/hermes-rest-gateway.mjs

@@ -1,70 +1,79 @@
-import assert from 'node:assert/strict';
-import fs from 'node:fs';
-
-const read = (path) => fs.readFileSync(path, 'utf8');
-
-const service = read('server/services/hermes-gateway.js');
-const routes = read('server/modules/orchestration/hermes/hermes.routes.ts');
-const mcpServer = read('scripts/hermes/pixcode-mcp-server.mjs');
-const configureMcp = read('scripts/hermes/configure-pixcode-mcp.mjs');
-const settingsTab = read('src/components/settings/view/tabs/HermesSettingsTab.tsx');
-
-assert.match(service, /export async function ensureHermesGateway/, 'Pixcode should expose an API-managed Hermes gateway starter.');
-assert.match(service, /export async function probeHermesGateway/, 'Pixcode should probe Hermes through its REST API.');
-assert.match(service, /export async function runHermesGatewayPrompt/, 'Pixcode should submit Hermes prompts through the managed REST gateway.');
-assert.match(service, /export async function requestHermesGateway/, 'Pixcode should proxy documented Hermes gateway endpoints such as /api/jobs.');
-assert.match(service, /export async function readHermesDiagnostics/, 'Pixcode should expose redacted Hermes diagnostics for config, auth, MCP, gateway, and cron state.');
-assert.match(service, /export function stopHermesGateway/, 'Pixcode should be able to stop a managed Hermes gateway process.');
-assert.match(service, /\/v1\/chat\/completions/, 'Hermes UI chat should use the documented OpenAI-compatible chat completions endpoint first.');
-assert.match(service, /\/v1\/responses/, 'Hermes UI chat should use the stateful OpenAI-compatible responses endpoint before legacy chat fallback.');
-assert.match(service, /transport:\s*'responses'/, 'Hermes REST responses should report their transport for terminal proof output.');
-assert.match(service, /resolveHermesGatewayHome/, 'Hermes REST gateway should run from a Pixcode-managed Hermes profile.');
-assert.match(service, /seedHermesGatewayHome/, 'Hermes REST gateway should seed the managed profile from the user Hermes profile.');
-assert.match(service, /PIXCODE_HERMES_GATEWAY_HOME/, 'Hermes REST gateway profile path should be overrideable for tests and advanced installs.');
-assert.match(service, /PIXCODE_MANAGED_HERMES_ENV_PREFIXES/, 'Managed Hermes gateway profile should strip messaging platform env vars.');
-assert.match(service, /copyHermesProfileEnv/, 'Managed Hermes gateway profile should copy a sanitized .env instead of raw platform credentials.');
-assert.match(service, /gatewayArgs[\s\S]+\['gateway', 'run', '--replace'\]/, 'Pixcode can use replace mode safely inside its managed Hermes gateway profile.');
-assert.match(service, /gatewayExitMessage/, 'Hermes gateway failures should include recent stderr/stdout instead of only exit code 1.');
-assert.match(service, /API_SERVER_ENABLED:\s*'true'/, 'Hermes gateway env should enable the API server.');
-assert.match(service, /API_SERVER_KEY/, 'Hermes gateway env should set a bearer key.');
-assert.match(service, /API_SERVER_PORT/, 'Hermes gateway env should choose a REST port.');
-assert.match(service, /spawn\(installStatus\.command,\s*gatewayArgs/, 'Pixcode should start Hermes with explicit gateway args for REST control.');
-assert.match(service, /\/health/, 'Gateway probe should call Hermes health.');
-assert.match(service, /\/v1\/capabilities/, 'Gateway probe should verify Hermes capabilities.');
-assert.match(service, /\/v1\/models/, 'Gateway probe should verify OpenAI-compatible model discovery.');
-assert.match(service, /\/v1\/runs/, 'Gateway probe should support a real run submission when requested.');
-
-assert.match(routes, /router\.get\('\/gateway\/status'/, 'Hermes router should expose gateway status.');
-assert.match(routes, /router\.post\('\/gateway\/start'/, 'Hermes router should expose gateway start.');
-assert.match(routes, /router\.post\('\/gateway\/probe'/, 'Hermes router should expose a REST probe endpoint.');
-assert.match(routes, /router\.post\('\/gateway\/chat'/, 'Hermes router should expose a REST chat endpoint.');
-assert.match(routes, /router\.post\('\/gateway\/request'/, 'Hermes router should expose a generic documented gateway request endpoint.');
-assert.match(routes, /router\.get\('\/diagnostics'/, 'Hermes router should expose integration diagnostics.');
-assert.match(routes, /router\.post\('\/gateway\/stop'/, 'Hermes router should expose gateway stop.');
-assert.match(routes, /ensureHermesGateway/, 'Hermes router should use the managed gateway service.');
-assert.match(routes, /probeHermesGateway/, 'Hermes router should use the REST probe service.');
-assert.match(routes, /runHermesGatewayPrompt/, 'Hermes router should send chat prompts through the REST gateway service.');
-assert.match(routes, /resolveHermesMcpBaseUrl/, 'Hermes MCP should be configured against the local Pixcode API URL instead of the browser request host.');
-assert.match(routes, /probeExisting:\s*false/, 'Hermes chat should reuse a running gateway instead of killing it on a transient probe failure.');
-
-assert.match(mcpServer, /pixcode_get_hermes_gateway_status/, 'Pixcode MCP should let Hermes inspect gateway status.');
-assert.match(mcpServer, /pixcode_probe_hermes_gateway/, 'Pixcode MCP should let Hermes trigger a REST probe.');
-assert.match(mcpServer, /pixcode_get_hermes_diagnostics/, 'Pixcode MCP should let Hermes read redacted integration diagnostics.');
-assert.match(mcpServer, /pixcode_get_api_manifest/, 'Pixcode MCP should let Hermes discover Pixcode API docs.');
-assert.match(mcpServer, /pixcode_api_request/, 'Pixcode MCP should let Hermes call authenticated Pixcode APIs.');
-assert.match(mcpServer, /pixcode_hermes_gateway_request/, 'Pixcode MCP should let Hermes call documented gateway APIs.');
-assert.match(mcpServer, /pixcode_manage_hermes_cron/, 'Pixcode MCP should expose Hermes cron job management.');
-assert.match(mcpServer, /pixcode_send_cli_input/, 'Pixcode MCP should let Hermes continue an existing visible CLI terminal.');
-assert.match(configureMcp, /pixcode_get_hermes_gateway_status/, 'Hermes MCP config should include gateway status tool.');
-assert.match(configureMcp, /pixcode_probe_hermes_gateway/, 'Hermes MCP config should include gateway probe tool.');
-assert.match(configureMcp, /pixcode_get_hermes_diagnostics/, 'Hermes MCP config should include diagnostics tool.');
-assert.match(configureMcp, /pixcode_manage_hermes_cron/, 'Hermes MCP config should include cron management tool.');
-assert.match(configureMcp, /mcp-pixcode/, 'Hermes MCP config should enable the Pixcode MCP toolset for the real CLI.');
-assert.match(configureMcp, /hermes-cli/, 'Hermes MCP config should keep the native Hermes CLI toolset enabled for cron/files/terminal tools.');
-
-assert.match(settingsTab, /gateway\/status/, 'Hermes settings should read gateway status.');
-assert.match(settingsTab, /gateway\/start/, 'Hermes settings should start the REST gateway via API.');
-assert.match(settingsTab, /gateway\/probe/, 'Hermes settings should run REST probe via API.');
-assert.match(settingsTab, /diagnostics/, 'Hermes settings should render diagnostics from the server.');
-
-console.log('hermes REST gateway smoke passed');
+import assert from 'node:assert/strict';
+import fs from 'node:fs';
+
+const read = (path) => fs.readFileSync(path, 'utf8');
+
+const service = read('server/services/hermes-gateway.js');
+const routes = read('server/modules/orchestration/hermes/hermes.routes.ts');
+const mcpServer = read('scripts/hermes/pixcode-mcp-server.mjs');
+const configureMcp = read('scripts/hermes/configure-pixcode-mcp.mjs');
+const settingsTab = read('src/components/settings/view/tabs/HermesSettingsTab.tsx');
+
+assert.match(service, /export async function ensureHermesGateway/, 'Pixcode should expose an API-managed Hermes gateway starter.');
+assert.match(service, /export async function probeHermesGateway/, 'Pixcode should probe Hermes through its REST API.');
+assert.match(service, /export async function runHermesGatewayPrompt/, 'Pixcode should submit Hermes prompts through the managed REST gateway.');
+assert.match(service, /export async function requestHermesGateway/, 'Pixcode should proxy documented Hermes gateway endpoints such as /api/jobs.');
+assert.match(service, /export async function readHermesDiagnostics/, 'Pixcode should expose redacted Hermes diagnostics for config, auth, MCP, gateway, and cron state.');
+assert.match(service, /export async function readHermesControlPlane/, 'Pixcode should expose a Hermes Desktop-style control-plane snapshot.');
+assert.match(service, /export async function repairHermesControlPlane/, 'Pixcode should expose a Hermes control-plane repair path.');
+assert.match(service, /export function stopHermesGateway/, 'Pixcode should be able to stop a managed Hermes gateway process.');
+assert.match(service, /\/v1\/chat\/completions/, 'Hermes UI chat should use the documented OpenAI-compatible chat completions endpoint first.');
+assert.match(service, /\/v1\/responses/, 'Hermes UI chat should use the stateful OpenAI-compatible responses endpoint before legacy chat fallback.');
+assert.match(service, /transport:\s*'responses'/, 'Hermes REST responses should report their transport for terminal proof output.');
+assert.match(service, /resolveHermesGatewayHome/, 'Hermes REST gateway should run from a Pixcode-managed Hermes profile.');
+assert.match(service, /seedHermesGatewayHome/, 'Hermes REST gateway should seed the managed profile from the user Hermes profile.');
+assert.match(service, /PIXCODE_HERMES_GATEWAY_HOME/, 'Hermes REST gateway profile path should be overrideable for tests and advanced installs.');
+assert.match(service, /PIXCODE_MANAGED_HERMES_ENV_PREFIXES/, 'Managed Hermes gateway profile should strip messaging platform env vars.');
+assert.match(service, /copyHermesProfileEnv/, 'Managed Hermes gateway profile should copy a sanitized .env instead of raw platform credentials.');
+assert.match(service, /gatewayArgs[\s\S]+\['gateway', 'run', '--replace'\]/, 'Pixcode can use replace mode safely inside its managed Hermes gateway profile.');
+assert.match(service, /gatewayExitMessage/, 'Hermes gateway failures should include recent stderr/stdout instead of only exit code 1.');
+assert.match(service, /API_SERVER_ENABLED:\s*'true'/, 'Hermes gateway env should enable the API server.');
+assert.match(service, /API_SERVER_KEY/, 'Hermes gateway env should set a bearer key.');
+assert.match(service, /API_SERVER_PORT/, 'Hermes gateway env should choose a REST port.');
+assert.match(service, /spawn\(installStatus\.command,\s*gatewayArgs/, 'Pixcode should start Hermes with explicit gateway args for REST control.');
+assert.match(service, /\/health/, 'Gateway probe should call Hermes health.');
+assert.match(service, /\/v1\/capabilities/, 'Gateway probe should verify Hermes capabilities.');
+assert.match(service, /\/v1\/models/, 'Gateway probe should verify OpenAI-compatible model discovery.');
+assert.match(service, /\/v1\/runs/, 'Gateway probe should support a real run submission when requested.');
+
+assert.match(routes, /router\.get\('\/gateway\/status'/, 'Hermes router should expose gateway status.');
+assert.match(routes, /router\.post\('\/gateway\/start'/, 'Hermes router should expose gateway start.');
+assert.match(routes, /router\.post\('\/gateway\/probe'/, 'Hermes router should expose a REST probe endpoint.');
+assert.match(routes, /router\.post\('\/gateway\/chat'/, 'Hermes router should expose a REST chat endpoint.');
+assert.match(routes, /router\.post\('\/gateway\/request'/, 'Hermes router should expose a generic documented gateway request endpoint.');
+assert.match(routes, /router\.get\('\/diagnostics'/, 'Hermes router should expose integration diagnostics.');
+assert.match(routes, /router\.get\('\/control-plane'/, 'Hermes router should expose a control-plane snapshot endpoint.');
+assert.match(routes, /router\.post\('\/control-plane\/repair'/, 'Hermes router should expose a control-plane repair endpoint.');
+assert.match(routes, /router\.post\('\/gateway\/stop'/, 'Hermes router should expose gateway stop.');
+assert.match(routes, /ensureHermesGateway/, 'Hermes router should use the managed gateway service.');
+assert.match(routes, /probeHermesGateway/, 'Hermes router should use the REST probe service.');
+assert.match(routes, /runHermesGatewayPrompt/, 'Hermes router should send chat prompts through the REST gateway service.');
+assert.match(routes, /resolveHermesMcpBaseUrl/, 'Hermes MCP should be configured against the local Pixcode API URL instead of the browser request host.');
+assert.match(routes, /probeExisting:\s*false/, 'Hermes chat should reuse a running gateway instead of killing it on a transient probe failure.');
+
+assert.match(mcpServer, /pixcode_get_hermes_gateway_status/, 'Pixcode MCP should let Hermes inspect gateway status.');
+assert.match(mcpServer, /pixcode_probe_hermes_gateway/, 'Pixcode MCP should let Hermes trigger a REST probe.');
+assert.match(mcpServer, /pixcode_get_hermes_diagnostics/, 'Pixcode MCP should let Hermes read redacted integration diagnostics.');
+assert.match(mcpServer, /pixcode_get_hermes_control_plane/, 'Pixcode MCP should let Hermes read the full control-plane snapshot.');
+assert.match(mcpServer, /pixcode_repair_hermes_control_plane/, 'Pixcode MCP should let Hermes repair stale control-plane wiring.');
+assert.match(mcpServer, /pixcode_get_api_manifest/, 'Pixcode MCP should let Hermes discover Pixcode API docs.');
+assert.match(mcpServer, /pixcode_api_request/, 'Pixcode MCP should let Hermes call authenticated Pixcode APIs.');
+assert.match(mcpServer, /pixcode_hermes_gateway_request/, 'Pixcode MCP should let Hermes call documented gateway APIs.');
+assert.match(mcpServer, /pixcode_manage_hermes_cron/, 'Pixcode MCP should expose Hermes cron job management.');
+assert.match(mcpServer, /pixcode_send_cli_input/, 'Pixcode MCP should let Hermes continue an existing visible CLI terminal.');
+assert.match(configureMcp, /pixcode_get_hermes_gateway_status/, 'Hermes MCP config should include gateway status tool.');
+assert.match(configureMcp, /pixcode_probe_hermes_gateway/, 'Hermes MCP config should include gateway probe tool.');
+assert.match(configureMcp, /pixcode_get_hermes_diagnostics/, 'Hermes MCP config should include diagnostics tool.');
+assert.match(configureMcp, /pixcode_get_hermes_control_plane/, 'Hermes MCP config should include control-plane snapshot tool.');
+assert.match(configureMcp, /pixcode_repair_hermes_control_plane/, 'Hermes MCP config should include control-plane repair tool.');
+assert.match(configureMcp, /pixcode_manage_hermes_cron/, 'Hermes MCP config should include cron management tool.');
+assert.match(configureMcp, /mcp-pixcode/, 'Hermes MCP config should enable the Pixcode MCP toolset for the real CLI.');
+assert.match(configureMcp, /hermes-cli/, 'Hermes MCP config should keep the native Hermes CLI toolset enabled for cron/files/terminal tools.');
+
+assert.match(settingsTab, /gateway\/status/, 'Hermes settings should read gateway status.');
+assert.match(settingsTab, /gateway\/start/, 'Hermes settings should start the REST gateway via API.');
+assert.match(settingsTab, /gateway\/probe/, 'Hermes settings should run REST probe via API.');
+assert.match(settingsTab, /diagnostics/, 'Hermes settings should render diagnostics from the server.');
+assert.match(settingsTab, /control-plane/, 'Hermes settings should render the control-plane state from the server.');
+
+console.log('hermes REST gateway smoke passed');