@pixelzx/genesis 2026.6.27 → 2026.6.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1090) hide show
  1. package/CHANGELOG.md +6 -0
  2. package/dist/.buildstamp +1 -1
  3. package/dist/abort-DUTWX49H.js +201 -0
  4. package/dist/abort.runtime-B1CZPj3m.js +2 -0
  5. package/dist/abort.runtime.js +1 -1
  6. package/dist/accounts-DFJuQd32.js +107 -0
  7. package/dist/accounts-VbCry_MV.js +104 -0
  8. package/dist/accounts-ZduaK0fO.js +2 -0
  9. package/dist/acp-cli-Cyqn8a7z.js +2217 -0
  10. package/dist/acp-spawn-B1O0qwkN.js +2 -0
  11. package/dist/acp-spawn-C2eEj7wR.js +1042 -0
  12. package/dist/acp-stateful-target-driver-BKL2flGw.js +89 -0
  13. package/dist/action-agents-C9zs0A_N.js +67 -0
  14. package/dist/action-focus-Dj2trHbP.js +132 -0
  15. package/dist/action-help-ENFS-VRC.js +7 -0
  16. package/dist/action-info-IKxta-Me.js +101 -0
  17. package/dist/action-kill-CJGjsHX-.js +33 -0
  18. package/dist/action-list-ChLdMXon.js +21 -0
  19. package/dist/action-log-CdeugqCO.js +30 -0
  20. package/dist/action-send-BvUjnmVw.js +39 -0
  21. package/dist/action-spawn-Xq0DpbW7.js +47 -0
  22. package/dist/action-unfocus-DfcihOhT.js +29 -0
  23. package/dist/actions.runtime-CTjuTpQ1.js +18 -0
  24. package/dist/actions.runtime-Dp93aqpg.js +5 -0
  25. package/dist/actions.runtime.js +1 -1
  26. package/dist/agent-DQZeYp3u.js +2 -0
  27. package/dist/agent-command-CynPQd5_.js +874 -0
  28. package/dist/agent-harness-runtime-D9PrghSe.js +144 -0
  29. package/dist/agent-runner-utils-CwDT31Pp.js +239 -0
  30. package/dist/agent-runner.runtime-kH3GCoKg.js +3443 -0
  31. package/dist/agent-runner.runtime.js +1 -1
  32. package/dist/agent-runtime-BSwK1sup.js +18 -0
  33. package/dist/agents-C9BmPj-C.js +954 -0
  34. package/dist/agents-CQQ7cNF9.js +5 -0
  35. package/dist/aliases-B92uAzO2.js +2 -0
  36. package/dist/aliases-BZsZGqVQ.js +96 -0
  37. package/dist/api-CU22wCTp.js +139 -0
  38. package/dist/api-DD_eTeli.js +5 -0
  39. package/dist/api-sngIL0OQ.js +3 -0
  40. package/dist/approval-gateway-resolver-KouhItZO.js +29 -0
  41. package/dist/approval-gateway-runtime-D7CzOIgq.js +2 -0
  42. package/dist/approval-handler-runtime-CFvI_pZS.js +439 -0
  43. package/dist/approval-native-runtime-rl6s6chH.js +729 -0
  44. package/dist/attempt-execution.runtime-Ba87IenS.js +509 -0
  45. package/dist/attempt-execution.runtime.js +1 -1
  46. package/dist/attempt.prompt-helpers-BbBNMjqU.js +206 -0
  47. package/dist/attempt.tool-run-context-CLlg_9Gq.js +933 -0
  48. package/dist/audit-CQJwJFWH.js +939 -0
  49. package/dist/audit.runtime-CW5CY88A.js +7 -0
  50. package/dist/audit.runtime.js +1 -1
  51. package/dist/auth-DFhah4e4.js +2 -0
  52. package/dist/auth-order-CMWxvLX4.js +2 -0
  53. package/dist/auth-order-D6mEMqD7.js +139 -0
  54. package/dist/auth-s-3q__5n.js +550 -0
  55. package/dist/bash-tools-BCSXSkhx.js +2853 -0
  56. package/dist/bash-tools-D2NO8-ph.js +3 -0
  57. package/dist/binding-routing-DROXsDQk.js +85 -0
  58. package/dist/binding-targets-D33MkugL.js +121 -0
  59. package/dist/bridge-server-3gO7JmL_.js +113 -0
  60. package/dist/browser-control-auth-DS3Wwm1z.js +2 -0
  61. package/dist/browser-node-runtime-DkVkb3tt.js +12 -0
  62. package/dist/browser-profiles-Bk9dcXzv.js +2 -0
  63. package/dist/browser-runtime-dGM3ZeLa.js +387 -0
  64. package/dist/browser-setup-tools-DSgChJEe.js +13 -0
  65. package/dist/build-CjLf_jQl.js +550 -0
  66. package/dist/build-info.json +3 -3
  67. package/dist/bundled/boot-md/handler.js +2 -2
  68. package/dist/bundled/session-memory/handler.js +1 -1
  69. package/dist/call-BxIEVH5N.js +3 -0
  70. package/dist/call-Dwj7PrNe.js +330 -0
  71. package/dist/call.runtime-mZvFxL4G.js +2 -0
  72. package/dist/call.runtime.js +1 -1
  73. package/dist/capability-cli-C-6omBAD.js +1401 -0
  74. package/dist/catchup-Dfw4DEMS.js +300 -0
  75. package/dist/channel-4YVnFcIj.js +297 -0
  76. package/dist/channel-BajDSspb.js +1320 -0
  77. package/dist/channel-BcS5ghfF.js +840 -0
  78. package/dist/channel-BlU_cVm0.js +491 -0
  79. package/dist/channel-BmZ19q9d.js +453 -0
  80. package/dist/channel-C4KfOdTm.js +226 -0
  81. package/dist/channel-C7LNJi1M.js +595 -0
  82. package/dist/channel-CFxTIjzU.js +1174 -0
  83. package/dist/channel-CYDnIh3Z.js +350 -0
  84. package/dist/channel-DBUj2Ysq.js +1802 -0
  85. package/dist/channel-DwWdEu7o.js +1100 -0
  86. package/dist/channel-core-VlXrdyfV.js +5 -0
  87. package/dist/channel-inbound-BzALE-tz.js +31 -0
  88. package/dist/channel-plugin-runtime-BMmEKuoC.js +771 -0
  89. package/dist/channel-runtime-BZXgyMUr.js +425 -0
  90. package/dist/channel.runtime-2Kw88P7w.js +576 -0
  91. package/dist/channel.runtime-Bwnky7Bn.js +2364 -0
  92. package/dist/channel.runtime-CDvvT7UR.js +4 -0
  93. package/dist/channel.runtime-CgP4n1an.js +430 -0
  94. package/dist/channel.runtime-MJe9DoSG.js +89 -0
  95. package/dist/channel.runtime-f0WEEj3o.js +42398 -0
  96. package/dist/channel.runtime.js +1 -1
  97. package/dist/channel.setup-DaZBK_2E.js +10 -0
  98. package/dist/channel2.runtime-CfVIjEhU.js +109 -0
  99. package/dist/channel2.runtime.js +1 -1
  100. package/dist/channels-Bq1GXmZX.js +733 -0
  101. package/dist/channels-cli-DzbssQ5L.js +268 -0
  102. package/dist/chat-CNZDzOWR.js +2830 -0
  103. package/dist/clawbot-cli-UIo3UVaj.js +9 -0
  104. package/dist/cli/daemon-cli.js +3 -3
  105. package/dist/cli-BVKDWfwH.js +72 -0
  106. package/dist/cli-Bp52OQjs.js +219 -0
  107. package/dist/cli-C_289Xdv.js +2 -0
  108. package/dist/cli-kOop_NSN.js +2 -0
  109. package/dist/cli-runner-CP51WTPf.js +286 -0
  110. package/dist/cli-runner.runtime-BtArNV63.js +4 -0
  111. package/dist/cli-runner.runtime-Dy1IJ7UX.js +3 -0
  112. package/dist/cli-runner.runtime.js +1 -1
  113. package/dist/cli-startup-metadata.json +2 -2
  114. package/dist/cli.runtime-2ilydgLb.js +1261 -0
  115. package/dist/cli.runtime.js +1 -1
  116. package/dist/client-BN8cDQr7.js +723 -0
  117. package/dist/client-Doc6u1up.js +138 -0
  118. package/dist/command-auth-oo_Iz0oe.js +76 -0
  119. package/dist/command-config-resolution-BNQbV_C6.js +23 -0
  120. package/dist/command-config-resolution-DIvkjwvj.js +2 -0
  121. package/dist/command-config-resolution.runtime-Dlk7LIJ8.js +2 -0
  122. package/dist/command-config-resolution.runtime.js +1 -1
  123. package/dist/command-registry-Dm8ohcSP.js +4 -0
  124. package/dist/command-registry-core-BxyHXEQ3.js +106 -0
  125. package/dist/command-registry-xVmA85-_.js +9 -0
  126. package/dist/command-secret-gateway-Dej2E5rP.js +528 -0
  127. package/dist/command-status.runtime-CWgNMJi1.js +87 -0
  128. package/dist/command-status.runtime.js +1 -1
  129. package/dist/commands-acp-Ca0l7esb.js +77 -0
  130. package/dist/commands-compact.runtime-DBN1EALw.js +10 -0
  131. package/dist/commands-compact.runtime.js +1 -1
  132. package/dist/commands-handlers.runtime-BrCljWio.js +4599 -0
  133. package/dist/commands-handlers.runtime.js +1 -1
  134. package/dist/commands-status-C0WYf99K.js +16 -0
  135. package/dist/commands-status.runtime-Czim-9LY.js +3 -0
  136. package/dist/commands-status.runtime.js +1 -1
  137. package/dist/commands-subagents-control.runtime-CgiW2mpD.js +3 -0
  138. package/dist/commands-subagents-control.runtime-oCqEcwa7.js +2 -0
  139. package/dist/commands-subagents-control.runtime.js +1 -1
  140. package/dist/commands-system-prompt-BQHZNtSZ.js +157 -0
  141. package/dist/commands-system-prompt-ClJDN8rr.js +2 -0
  142. package/dist/commands.runtime-DwmtsbUc.js +167 -0
  143. package/dist/commands.runtime.js +1 -1
  144. package/dist/compact-DDf0xr2o.js +1096 -0
  145. package/dist/compact.runtime-C4BZuDjJ.js +12 -0
  146. package/dist/compact.runtime.js +1 -1
  147. package/dist/completion-cli-85iaysB7.js +328 -0
  148. package/dist/config-CHPRDFh1.js +252 -0
  149. package/dist/config-cli-DSZ7DNtq.js +1078 -0
  150. package/dist/configure-BR6m0uoi.js +1252 -0
  151. package/dist/configure-CC09fyLr.js +2 -0
  152. package/dist/connect-options-HotLjDKX.js +699 -0
  153. package/dist/control-auth-CBtOUnsz.js +125 -0
  154. package/dist/control-service-D2A1PyZC.js +156 -0
  155. package/dist/control-ui/assets/agents-7cSPVJV0.js +1125 -0
  156. package/dist/control-ui/assets/canvas-IIhBIoAa.js +274 -0
  157. package/dist/control-ui/assets/channel-config-extras-sj_UXv9J.js +2 -0
  158. package/dist/control-ui/assets/channels-B4MTYg8u.js +198 -0
  159. package/dist/control-ui/assets/contacts-CSch1ckf.js +49 -0
  160. package/dist/control-ui/assets/cron-B548qeSj.js +250 -0
  161. package/dist/control-ui/assets/de-DOykxjSu.js +2 -0
  162. package/dist/control-ui/assets/debug-DERT6TQG.js +94 -0
  163. package/dist/control-ui/assets/es-BTwWEPGm.js +2 -0
  164. package/dist/control-ui/assets/fr-DVRwR98L.js +2 -0
  165. package/dist/control-ui/assets/i18n-BPOQLrbx.js +3 -0
  166. package/dist/control-ui/assets/id-BSBAUAzK.js +2 -0
  167. package/dist/control-ui/assets/index-C2CxJps0.js +5981 -0
  168. package/dist/control-ui/assets/instances-DwteyRRi.js +57 -0
  169. package/dist/control-ui/assets/ja-JP-BiD5eOfG.js +2 -0
  170. package/dist/control-ui/assets/ko-BNgLBJdW.js +2 -0
  171. package/dist/control-ui/assets/logs-GdE34D7D.js +74 -0
  172. package/dist/control-ui/assets/mcp-z76x2vB5.js +380 -0
  173. package/dist/control-ui/assets/memory-CsTbP2T4.js +50 -0
  174. package/dist/control-ui/assets/memory-graph-DbZEkTHJ.js +30 -0
  175. package/dist/control-ui/assets/models-j_tXq7Pe.js +86 -0
  176. package/dist/control-ui/assets/nodes-cxO9Enln.js +654 -0
  177. package/dist/control-ui/assets/pl-DrVcqC4t.js +2 -0
  178. package/dist/control-ui/assets/plugins-Rt--bQFn.js +259 -0
  179. package/dist/control-ui/assets/presenter-BiJsRhTg.js +2 -0
  180. package/dist/control-ui/assets/preview-JrK1Lfuv.js +2 -0
  181. package/dist/control-ui/assets/pt-BR-BXlBG1WX.js +2 -0
  182. package/dist/control-ui/assets/sessions-CP6r0JAQ.js +56 -0
  183. package/dist/control-ui/assets/skills-CMy2whFb.js +294 -0
  184. package/dist/control-ui/assets/skills-shared-B-3kgWg3.js +11 -0
  185. package/dist/control-ui/assets/th-DjtYmyBR.js +2 -0
  186. package/dist/control-ui/assets/tr-I0LYx0Ew.js +2 -0
  187. package/dist/control-ui/assets/uk-xilwRRzQ.js +2 -0
  188. package/dist/control-ui/assets/wallet-geRdfgso.js +302 -0
  189. package/dist/control-ui/assets/zh-CN-DHz_bYy_.js +2 -0
  190. package/dist/control-ui/assets/zh-TW-LvBbVYeU.js +2 -0
  191. package/dist/control-ui/index.html +2 -2
  192. package/dist/control-ui-Djt0XDNa.js +1043 -0
  193. package/dist/conversation-id-BwNpVXFJ.js +235 -0
  194. package/dist/conversation-id-CTAeVE9E.js +38 -0
  195. package/dist/conversation-runtime-D6miDW4s.js +31 -0
  196. package/dist/core-CYaV0wrq.js +275 -0
  197. package/dist/cron-cli-BZacbTRu.js +713 -0
  198. package/dist/daemon-cli-BXtGpvAS.js +12 -0
  199. package/dist/dashboard-Ds7c6TJm.js +2 -0
  200. package/dist/dashboard-s1prqGuB.js +81 -0
  201. package/dist/delegate-nycMaKrd.js +64 -0
  202. package/dist/detached-task-runtime-DXFEjX_Y.js +73 -0
  203. package/dist/devices-cli-B2T4Rk-c.js +498 -0
  204. package/dist/diagnostics-669Ookpz.js +154 -0
  205. package/dist/direct-dm-Bwx0l0B5.js +64 -0
  206. package/dist/dispatch-CVFq_KHF.js +1131 -0
  207. package/dist/dispatch-acp-AeVrqG1P.js +981 -0
  208. package/dist/dispatch-acp-manager.runtime-t90xTijh.js +3 -0
  209. package/dist/dispatch-acp-manager.runtime.js +1 -1
  210. package/dist/dispatch-acp.runtime-CLS-txJr.js +19 -0
  211. package/dist/dispatch-acp.runtime.js +1 -1
  212. package/dist/doctor-device-pairing-rAiSum7F.js +307 -0
  213. package/dist/doctor-gateway-daemon-flow-BYlbRkfE.js +250 -0
  214. package/dist/doctor-gateway-health-DGaad6OP.js +63 -0
  215. package/dist/doctor-health-contributions-CYangAn3.js +493 -0
  216. package/dist/doctor-health-woICf2XW.js +59 -0
  217. package/dist/doctor-prompter-oNxd62XO.js +56 -0
  218. package/dist/doctor-workspace-status-DrOqBwKh.js +75 -0
  219. package/dist/dreaming-narrative-SeHukrla.js +596 -0
  220. package/dist/dreaming-qiznoCiH.js +1582 -0
  221. package/dist/embedded-gateway-stub.runtime-BiCMn9tm.js +9 -0
  222. package/dist/embedded-gateway-stub.runtime.js +1 -1
  223. package/dist/embeddings-http-DbBwgwsH.js +205 -0
  224. package/dist/entry.js +2 -2
  225. package/dist/exec-approvals-cli-BK9WM7tB.js +498 -0
  226. package/dist/extensionAPI.js +1 -1
  227. package/dist/extensions/active-memory/index.js +1 -1
  228. package/dist/extensions/bluebubbles/api.js +3 -3
  229. package/dist/extensions/bluebubbles/channel-plugin-api.js +1 -1
  230. package/dist/extensions/browser/browser-bridge.js +1 -1
  231. package/dist/extensions/browser/browser-config.js +4 -4
  232. package/dist/extensions/browser/browser-control-auth.js +2 -2
  233. package/dist/extensions/browser/browser-doctor.js +2 -2
  234. package/dist/extensions/browser/browser-maintenance.js +2 -2
  235. package/dist/extensions/browser/browser-profiles.js +2 -2
  236. package/dist/extensions/browser/browser-runtime-api.js +10 -10
  237. package/dist/extensions/browser/index.js +1 -1
  238. package/dist/extensions/browser/plugin-registration.js +1 -1
  239. package/dist/extensions/browser/register.runtime.js +3 -3
  240. package/dist/extensions/browser/runtime-api.js +11 -11
  241. package/dist/extensions/browser/test-support.js +1 -1
  242. package/dist/extensions/device-pair/api.js +1 -1
  243. package/dist/extensions/device-pair/index.js +3 -3
  244. package/dist/extensions/device-pair/notify.js +1 -1
  245. package/dist/extensions/device-pair/pair-command-approve.js +1 -1
  246. package/dist/extensions/google-meet/index.js +2 -2
  247. package/dist/extensions/imessage/api.js +3 -3
  248. package/dist/extensions/imessage/channel-plugin-api.js +1 -1
  249. package/dist/extensions/imessage/runtime-api.js +3 -3
  250. package/dist/extensions/irc/api.js +2 -2
  251. package/dist/extensions/irc/channel-plugin-api.js +1 -1
  252. package/dist/extensions/line/api.js +2 -2
  253. package/dist/extensions/line/channel-plugin-api.js +1 -1
  254. package/dist/extensions/line/contract-api.js +1 -1
  255. package/dist/extensions/line/runtime-api.js +4 -4
  256. package/dist/extensions/line/setup-api.js +1 -1
  257. package/dist/extensions/llm-task/index.js +2 -2
  258. package/dist/extensions/lobster/index.js +3 -3
  259. package/dist/extensions/lobster/runtime-api.js +1 -1
  260. package/dist/extensions/mattermost/api.js +1 -1
  261. package/dist/extensions/mattermost/channel-plugin-api.js +1 -1
  262. package/dist/extensions/mattermost/channel-plugin-runtime.js +1 -1
  263. package/dist/extensions/mattermost/policy-api.js +1 -1
  264. package/dist/extensions/mattermost/runtime-api.js +4 -4
  265. package/dist/extensions/mattermost/slash-route-api.js +1 -1
  266. package/dist/extensions/memory-core/api.js +1 -1
  267. package/dist/extensions/memory-core/cli-metadata.js +2 -2
  268. package/dist/extensions/memory-core/index.js +3 -3
  269. package/dist/extensions/memory-lancedb/cli-metadata.js +1 -1
  270. package/dist/extensions/msteams/api.js +1 -1
  271. package/dist/extensions/msteams/channel-plugin-api.js +1 -1
  272. package/dist/extensions/msteams/runtime-api.js +3 -3
  273. package/dist/extensions/msteams/test-api.js +1 -1
  274. package/dist/extensions/nextcloud-talk/api.js +1 -1
  275. package/dist/extensions/nextcloud-talk/channel-plugin-api.js +1 -1
  276. package/dist/extensions/nextcloud-talk/runtime-api.js +2 -2
  277. package/dist/extensions/openshell/index.js +2 -2
  278. package/dist/extensions/signal/api.js +6 -6
  279. package/dist/extensions/signal/channel-plugin-api.js +1 -1
  280. package/dist/extensions/signal/reaction-runtime-api.js +1 -1
  281. package/dist/extensions/signal/runtime-api.js +7 -7
  282. package/dist/extensions/skill-workshop/api.js +1 -1
  283. package/dist/extensions/skill-workshop/index.js +1 -1
  284. package/dist/extensions/synology-chat/api.js +1 -1
  285. package/dist/extensions/synology-chat/channel-plugin-api.js +1 -1
  286. package/dist/extensions/tlon/api.js +2 -2
  287. package/dist/extensions/tlon/channel-plugin-api.js +1 -1
  288. package/dist/extensions/tlon/runtime-api.js +1 -1
  289. package/dist/extensions/tlon/test-api.js +1 -1
  290. package/dist/extensions/twitch/api.js +1 -1
  291. package/dist/extensions/twitch/channel-plugin-api.js +1 -1
  292. package/dist/extensions/twitch/setup-plugin-api.js +1 -1
  293. package/dist/extensions/zalo/api.js +3 -3
  294. package/dist/extensions/zalo/channel-plugin-api.js +1 -1
  295. package/dist/extensions/zalo/runtime-api.js +2 -2
  296. package/dist/extensions/zalo/setup-api.js +2 -2
  297. package/dist/extensions/zalouser/api.js +3 -3
  298. package/dist/extensions/zalouser/channel-plugin-api.js +1 -1
  299. package/dist/extensions/zalouser/runtime-api.js +6 -6
  300. package/dist/extensions/zalouser/setup-plugin-api.js +1 -1
  301. package/dist/extensions/zalouser/test-api.js +1 -1
  302. package/dist/fallbacks-BHahSac7.js +31 -0
  303. package/dist/fallbacks-CDP89dtv.js +2 -0
  304. package/dist/fallbacks-shared-h_ZN8Ugk.js +111 -0
  305. package/dist/gateway-ClYGJe6R.js +115 -0
  306. package/dist/gateway-cli-D5OEgdCv.js +1283 -0
  307. package/dist/gateway-rpc-Dk_z0RTG.js +14 -0
  308. package/dist/gateway-rpc.runtime-DcDI0Hq7.js +23 -0
  309. package/dist/gateway-rpc.runtime.js +1 -1
  310. package/dist/gateway-runtime-BpOf_2ps.js +15 -0
  311. package/dist/gateway-status-BfT8gHrq.js +584 -0
  312. package/dist/genesis-tools-Dn3v15Cu.js +9435 -0
  313. package/dist/genesis-tools.runtime-BUKXOBx4.js +2 -0
  314. package/dist/genesis-tools.runtime.js +1 -1
  315. package/dist/get-reply-BOvlxgUu.js +3946 -0
  316. package/dist/get-reply-from-config.runtime-Cl8vSh_k.js +2 -0
  317. package/dist/get-reply-from-config.runtime.js +1 -1
  318. package/dist/graph-users-DvflifYV.js +1337 -0
  319. package/dist/health-B2xJjrkJ.js +3 -0
  320. package/dist/health-CWa-e_Y6.js +420 -0
  321. package/dist/health-route-CzxBmoPR.js +41 -0
  322. package/dist/health-route-Dhbg2HGJ.js +2 -0
  323. package/dist/hooks-cli-B08Wk2kj.js +433 -0
  324. package/dist/http-endpoint-helpers-CG3AcjuK.js +41 -0
  325. package/dist/http-utils-L02eBAVo.js +924 -0
  326. package/dist/image-fallbacks-DPTpHhw_.js +2 -0
  327. package/dist/image-fallbacks-DrcfSUln.js +31 -0
  328. package/dist/inbound-reply-dispatch-D2K6Anyc.js +73 -0
  329. package/dist/index.js +2 -2
  330. package/dist/infra-runtime-Pu3jXc5f.js +38 -0
  331. package/dist/init-B2qJ52Z_.js +59 -0
  332. package/dist/library-JmPoINsm.js +45 -0
  333. package/dist/lifecycle-BRey6jez.js +229 -0
  334. package/dist/lifecycle-CvJT6tH9.js +571 -0
  335. package/dist/lifecycle.runtime-DJuQgwAu.js +2 -0
  336. package/dist/lifecycle.runtime.js +1 -1
  337. package/dist/list-0KYh_6xs.js +131 -0
  338. package/dist/list-B1iP8wTX.js +2 -0
  339. package/dist/list-CewinhHi.js +1212 -0
  340. package/dist/list-DPm9exQP.js +2 -0
  341. package/dist/list.probe-M4jUIgk8.js +419 -0
  342. package/dist/llm-slug-generator-CQiB4f0s.js +79 -0
  343. package/dist/llm-slug-generator.js +1 -1
  344. package/dist/load-config-oEWSSW5T.js +35 -0
  345. package/dist/local-dispatch.runtime-rI2L9gZz.js +8 -0
  346. package/dist/local-dispatch.runtime.js +1 -1
  347. package/dist/logs-cli-qUQbKPpd.js +265 -0
  348. package/dist/logs-cli.runtime-DZwxYUL2.js +2 -0
  349. package/dist/logs-cli.runtime.js +1 -1
  350. package/dist/main-session-restart-recovery-Dw8zndAD.js +206 -0
  351. package/dist/managed-image-attachments-B_835Hjd.js +635 -0
  352. package/dist/managed-image-attachments-Dp_0diDL.js +2 -0
  353. package/dist/manager-CRmLomjS.js +2 -0
  354. package/dist/manager-yTOglQEH.js +2057 -0
  355. package/dist/markdown-to-line-D6Y5rN1y.js +790 -0
  356. package/dist/mcp/plugin-tools-serve.js +1 -1
  357. package/dist/mcp-cli-DZi-FzRz.js +725 -0
  358. package/dist/mcp-http-DaXlqh6n.js +529 -0
  359. package/dist/memory-core-host-runtime-cli-K2SeZLMj.js +9 -0
  360. package/dist/message-Bk0q8DmN.js +232 -0
  361. package/dist/message-action-runner-BIi8DCoo.js +2 -0
  362. package/dist/message-action-runner-CmhjNg6K.js +1407 -0
  363. package/dist/message-actions-BDXFXc2E.js +143 -0
  364. package/dist/message.gateway.runtime-fPnMn6QV.js +2 -0
  365. package/dist/message.gateway.runtime.js +1 -1
  366. package/dist/method-scopes-D_AZ7OsK.js +235 -0
  367. package/dist/models-auth-status-0xcMbBhB.js +217 -0
  368. package/dist/models-cli-DuQZ09TC.js +271 -0
  369. package/dist/models-http-DruY6N81.js +92 -0
  370. package/dist/monitor-2KbmBvHU.js +2 -0
  371. package/dist/monitor-B2yQJkAh.js +1459 -0
  372. package/dist/monitor-CD4mrtqF.js +1661 -0
  373. package/dist/monitor-CJ6A4Ro2.js +788 -0
  374. package/dist/monitor-D19pDt5p.js +1237 -0
  375. package/dist/monitor-GQtwMpZn.js +671 -0
  376. package/dist/monitor-auth-DJ9S4EQV.js +207 -0
  377. package/dist/monitor-processing-BMv5voti.js +1974 -0
  378. package/dist/monitor.runtime-GizvASio.js +2 -0
  379. package/dist/monitor.runtime.js +1 -1
  380. package/dist/monitor.webhook-DzvH3io8.js +180 -0
  381. package/dist/msteams-7Jx25GW4.js +35 -0
  382. package/dist/native-hook-relay-DwgVW-el.js +519 -0
  383. package/dist/nextcloud-talk-gXnN0EKl.js +17 -0
  384. package/dist/node-cli-Bd8iT-US.js +2276 -0
  385. package/dist/nodes-cli-xAd3vxyV.js +1046 -0
  386. package/dist/nodes-utils-qg-Bmmy5.js +84 -0
  387. package/dist/nodes.helpers-B42Vi8VW.js +34 -0
  388. package/dist/notify-DArpzHFF.js +315 -0
  389. package/dist/onboard-DKr9c-h5.js +70 -0
  390. package/dist/onboard-f_tqlGVL.js +2 -0
  391. package/dist/onboard-helpers-Begz93UO.js +6 -0
  392. package/dist/onboard-helpers-Di14BUn2.js +204 -0
  393. package/dist/onboard-interactive-DjJo_FLY.js +24 -0
  394. package/dist/onboard-non-interactive-CgxwxSiw.js +635 -0
  395. package/dist/onboard-remote-BhcRxYvn.js +2 -0
  396. package/dist/onboard-remote-CEeT7hEZ.js +193 -0
  397. package/dist/onboard-skills-CTTUg6pf.js +134 -0
  398. package/dist/onboard-skills-DWTbOfH1.js +2 -0
  399. package/dist/openai-http-C2-8VSih.js +500 -0
  400. package/dist/openresponses-http-DgsTPUc1.js +1128 -0
  401. package/dist/operator-approvals-client-D1R6aLFV.js +68 -0
  402. package/dist/outbound.runtime-DDAlqr2n.js +2 -0
  403. package/dist/outbound.runtime.js +1 -1
  404. package/dist/pair-command-approve-BqXU_u3_.js +44 -0
  405. package/dist/persistent-bindings.lifecycle-0cee5HeB.js +85 -0
  406. package/dist/persistent-bindings.lifecycle-DTgwTu9k.js +2 -0
  407. package/dist/pi-embedded-BMKZLrrD.js +2905 -0
  408. package/dist/pi-embedded-C1_8L609.js +4 -0
  409. package/dist/pi-embedded.runtime-CEcUCfnu.js +4 -0
  410. package/dist/pi-embedded.runtime.js +1 -1
  411. package/dist/pi-tool-definition-adapter-B1q4cAB_.js +229 -0
  412. package/dist/pi-tools-CE3UX10v.js +1118 -0
  413. package/dist/pi-tools.before-tool-call-BsMfbO7W.js +433 -0
  414. package/dist/pi-tools.before-tool-call-DGY-rj-6.js +2 -0
  415. package/dist/plugin-dDMX1n9i.js +12195 -0
  416. package/dist/plugin-enabled-CCcxlblr.js +140 -0
  417. package/dist/plugin-registration-CTIg2xi-.js +23 -0
  418. package/dist/plugin-sdk/.boundary-entry-shims.stamp +1 -1
  419. package/dist/plugin-sdk/acp-binding-runtime.js +1 -1
  420. package/dist/plugin-sdk/acp-runtime.js +2 -2
  421. package/dist/plugin-sdk/agent-harness-runtime.js +5 -5
  422. package/dist/plugin-sdk/agent-harness.js +6 -6
  423. package/dist/plugin-sdk/agent-runtime.js +2 -2
  424. package/dist/plugin-sdk/approval-gateway-runtime.js +2 -2
  425. package/dist/plugin-sdk/approval-handler-runtime.js +3 -3
  426. package/dist/plugin-sdk/approval-runtime.js +1 -1
  427. package/dist/plugin-sdk/browser-node-runtime.js +4 -4
  428. package/dist/plugin-sdk/browser-setup-tools.js +3 -3
  429. package/dist/plugin-sdk/browser-support.js +7 -7
  430. package/dist/plugin-sdk/channel-core.js +2 -2
  431. package/dist/plugin-sdk/channel-inbound.js +2 -2
  432. package/dist/plugin-sdk/command-auth.js +1 -1
  433. package/dist/plugin-sdk/command-status-runtime.js +1 -1
  434. package/dist/plugin-sdk/compat.js +1 -1
  435. package/dist/plugin-sdk/conversation-binding-runtime.js +1 -1
  436. package/dist/plugin-sdk/conversation-runtime.js +3 -3
  437. package/dist/plugin-sdk/core.js +2 -2
  438. package/dist/plugin-sdk/direct-dm.js +1 -1
  439. package/dist/plugin-sdk/gateway-runtime.js +3 -3
  440. package/dist/plugin-sdk/inbound-reply-dispatch.js +1 -1
  441. package/dist/plugin-sdk/index.js +1 -1
  442. package/dist/plugin-sdk/infra-runtime.js +2 -2
  443. package/dist/plugin-sdk/irc.js +2 -2
  444. package/dist/plugin-sdk/matrix.js +1 -1
  445. package/dist/plugin-sdk/memory-core-host-runtime-cli.js +2 -2
  446. package/dist/plugin-sdk/memory-core.js +2 -2
  447. package/dist/plugin-sdk/msteams.js +2 -2
  448. package/dist/plugin-sdk/nextcloud-talk.js +2 -2
  449. package/dist/plugin-sdk/nostr.js +1 -1
  450. package/dist/plugin-sdk/reply-dispatch-runtime.js +1 -1
  451. package/dist/plugin-sdk/reply-runtime.js +4 -4
  452. package/dist/plugin-sdk/runtime-secret-resolution.js +1 -1
  453. package/dist/plugin-sdk/runtime.js +2 -2
  454. package/dist/plugin-sdk/session-visibility.js +1 -1
  455. package/dist/plugin-sdk/src/gateway/protocol/index.d.ts +4 -1
  456. package/dist/plugin-sdk/src/gateway/protocol/schema/agents-models-skills.d.ts +95 -0
  457. package/dist/plugin-sdk/testing.js +4 -4
  458. package/dist/plugin-sdk/tlon.js +1 -1
  459. package/dist/plugin-sdk/zalo.js +1 -1
  460. package/dist/plugin-sdk/zalouser.js +1 -1
  461. package/dist/plugin-service-Byv2yfiX.js +2893 -0
  462. package/dist/plugins/runtime/index.js +1 -1
  463. package/dist/policy-BK0iZFZM.js +328 -0
  464. package/dist/postinstall-inventory.json +453 -452
  465. package/dist/prepare.runtime-BMtgLZl1.js +807 -0
  466. package/dist/prepare.runtime.js +1 -1
  467. package/dist/probe-Bj3sjcpc.js +2205 -0
  468. package/dist/probe-C6wNv6c4.js +74 -0
  469. package/dist/probe-CM5o3wKp.js +240 -0
  470. package/dist/probe-D3D0RoQl.js +45 -0
  471. package/dist/probe-DlY3dg7v.js +2 -0
  472. package/dist/probe-TN3P-dCa.js +2 -0
  473. package/dist/probe-pZ61Idl1.js +1443 -0
  474. package/dist/program-TZ54mZzH.js +111 -0
  475. package/dist/prompt-select-styled-DFXPq9zJ.js +20 -0
  476. package/dist/protocol-CWEBsZbG.js +2515 -0
  477. package/dist/provider-dispatcher-9FnI26kR.js +2 -0
  478. package/dist/provider-dispatcher-D30lsDyd.js +22 -0
  479. package/dist/qr-cli-CoEq74Fu.js +2 -0
  480. package/dist/qr-cli-DxaXK8T4.js +349 -0
  481. package/dist/reaction-runtime-api-CGWfmWqF.js +116 -0
  482. package/dist/reactions-D1tny1P_.js +998 -0
  483. package/dist/register-service-commands-D5181r0Q.js +71 -0
  484. package/dist/register.agent-DWwOD6q5.js +248 -0
  485. package/dist/register.configure-CZx6uXuU.js +15 -0
  486. package/dist/register.maintenance-1yV569VU.js +363 -0
  487. package/dist/register.message-DqosH9zI.js +329 -0
  488. package/dist/register.onboard-DBa5bh4F.js +88 -0
  489. package/dist/register.runtime-AUXvOvfy.js +81 -0
  490. package/dist/register.runtime.js +1 -1
  491. package/dist/register.setup-1k0y27Bf.js +150 -0
  492. package/dist/register.status-health-sessions-3SuqckJe.js +1215 -0
  493. package/dist/register.subclis-1vwiREuy.js +3 -0
  494. package/dist/register.subclis-core-CoUcH7R2.js +249 -0
  495. package/dist/register.subclis-d6Uoake0.js +29 -0
  496. package/dist/reply-dispatch-runtime-B2jwG-ti.js +13 -0
  497. package/dist/reply-runtime-BvyACHP_.js +10 -0
  498. package/dist/reply.runtime-B76FIMUm.js +2 -0
  499. package/dist/reply.runtime.js +1 -1
  500. package/dist/restart-health-C1m4VgKE.js +2 -0
  501. package/dist/restart-health-CSxm-1Te.js +202 -0
  502. package/dist/root-help-Cw7ovqRO.js +44 -0
  503. package/dist/routes-B9j5MeTj.js +2 -0
  504. package/dist/routes-BCJWRxzD.js +3341 -0
  505. package/dist/rpc-_zAZRj2-.js +61 -0
  506. package/dist/rpc.runtime-C3rwvN8O.js +21 -0
  507. package/dist/rpc.runtime.js +1 -1
  508. package/dist/run-delivery.runtime-CXmj98lV.js +530 -0
  509. package/dist/run-delivery.runtime.js +1 -1
  510. package/dist/run-embedded.runtime-yli8ukW0.js +4 -0
  511. package/dist/run-embedded.runtime.js +1 -1
  512. package/dist/run-execution-cli.runtime-CjDLajis.js +4 -0
  513. package/dist/run-execution-cli.runtime.js +1 -1
  514. package/dist/run-executor.runtime-SwHBKuy1.js +277 -0
  515. package/dist/run-executor.runtime.js +1 -1
  516. package/dist/run-main-DPHpfv1y.js +567 -0
  517. package/dist/run-subagent-registry.runtime-CWv2s5wn.js +2 -0
  518. package/dist/run-subagent-registry.runtime.js +1 -1
  519. package/dist/run-wait-CpSEiESO.js +135 -0
  520. package/dist/runtime-CMHLmvAl.js +961 -0
  521. package/dist/runtime-api-CLkOuqkP.js +4 -0
  522. package/dist/runtime-api-DgKObkOQ.js +9 -0
  523. package/dist/runtime-api-bWUB21Eg.js +9 -0
  524. package/dist/runtime-api-rryD3LXE.js +14 -0
  525. package/dist/runtime-embedded-pi.runtime-DuHPAbVt.js +2 -0
  526. package/dist/runtime-embedded-pi.runtime.js +1 -1
  527. package/dist/runtime-fF-k_rB8.js +9 -0
  528. package/dist/runtime-internal-By95Az_F.js +2 -0
  529. package/dist/runtime-options-BsxnM5Yt.js +275 -0
  530. package/dist/runtime-schema-P9TAqWy1.js +28599 -0
  531. package/dist/scan-CKfozblZ.js +2 -0
  532. package/dist/scan-CVwpGz6x.js +523 -0
  533. package/dist/secrets-cli-pXjlA7bi.js +2101 -0
  534. package/dist/security-cli-ChIBksL4.js +486 -0
  535. package/dist/selection-CIX2NWC3.js +7743 -0
  536. package/dist/selection-FiKxtpP7.js +2 -0
  537. package/dist/send-13tmI7yl.js +102 -0
  538. package/dist/send-BudgB3Xv.js +156 -0
  539. package/dist/send.runtime-CWWkq3eQ.js +2 -0
  540. package/dist/send.runtime.js +1 -1
  541. package/dist/server-CRbNiI2L.js +13 -0
  542. package/dist/server-DPwckotj.js +77 -0
  543. package/dist/server-context-DnmrGIHL.js +847 -0
  544. package/dist/server-context-GFvl1Fa1.js +2 -0
  545. package/dist/server-node-events-Boy823tY.js +474 -0
  546. package/dist/server-plugin-bootstrap-BEm4d2by.js +2 -0
  547. package/dist/server-plugin-bootstrap-BLp3Ri_D.js +13355 -0
  548. package/dist/server-restart-sentinel-D1dhBlz5.js +684 -0
  549. package/dist/server.impl-CuEQ_ANR.js +12790 -0
  550. package/dist/session-kill-http-CKkRPXTD.js +110 -0
  551. package/dist/session-reset-service-BI9uiJ1F.js +497 -0
  552. package/dist/session-route-Dy5b9CbY.js +93 -0
  553. package/dist/session-status.runtime-HByTPp-H.js +2 -0
  554. package/dist/session-status.runtime.js +1 -1
  555. package/dist/session-subagent-reactivation.runtime-BOWBAfyc.js +2 -0
  556. package/dist/session-subagent-reactivation.runtime.js +1 -1
  557. package/dist/session-tab-registry-Ce31KjnI.js +581 -0
  558. package/dist/session-visibility-BB6i8ptT.js +147 -0
  559. package/dist/sessions-helpers-DYP9dapI.js +305 -0
  560. package/dist/sessions-history-http-j8ZxsBAn.js +371 -0
  561. package/dist/sessions-patch-D4ye8mVh.js +309 -0
  562. package/dist/sessions-resolve-Bi2bj6c-.js +174 -0
  563. package/dist/sessions.runtime-VkodyiYI.js +2 -0
  564. package/dist/sessions.runtime.js +1 -1
  565. package/dist/setup-api-6GX_eeAs.js +29 -0
  566. package/dist/setup-core-BGUg4eV0.js +171 -0
  567. package/dist/setup-core-CpfGqHuS.js +176 -0
  568. package/dist/setup-hFAlSbTL.js +636 -0
  569. package/dist/setup-surface-DSvYQ0Mf.js +219 -0
  570. package/dist/setup-surface-DT8l0x7M.js +403 -0
  571. package/dist/setup-surface-gdmDKJFO.js +286 -0
  572. package/dist/setup.finalize-m_UzKyZ2.js +547 -0
  573. package/dist/setup.gateway-config-DHQ8eaxx.js +250 -0
  574. package/dist/shared-BY5yIWjE.js +198 -0
  575. package/dist/shared-BtY5n-4U.js +76 -0
  576. package/dist/shared-DPf8cDHL.js +121 -0
  577. package/dist/slash-state-j62N8ife.js +1911 -0
  578. package/dist/src-BYHA6DRU.js +3974 -0
  579. package/dist/startup-context-DZml_gZY.js +312 -0
  580. package/dist/status-BCr0D4CJ.js +2 -0
  581. package/dist/status-Bi8EbpXB.js +395 -0
  582. package/dist/status-CPAE20nX.js +209 -0
  583. package/dist/status-D-wIma3c.js +3 -0
  584. package/dist/status-DLmFJkIX.js +2 -0
  585. package/dist/status-DhpFLjkt.js +190 -0
  586. package/dist/status-all-AuiqtGQ-.js +498 -0
  587. package/dist/status-json-BUhA_seV.js +14 -0
  588. package/dist/status-json-command-Dk8RVvC9.js +82 -0
  589. package/dist/status-runtime-shared-BK7fklEl.js +241 -0
  590. package/dist/status-subagents.runtime-DkMpqnmP.js +18 -0
  591. package/dist/status-subagents.runtime.js +1 -1
  592. package/dist/status-text-D71CoS-s.js +237 -0
  593. package/dist/status.gateway-connection.runtime-wWu8Kvt4.js +2 -0
  594. package/dist/status.gateway-connection.runtime.js +1 -1
  595. package/dist/status.gather-BlSA6D3i.js +292 -0
  596. package/dist/status.gather-akCtNgln.js +2 -0
  597. package/dist/status.runtime-tPHKyqSk.js +2 -0
  598. package/dist/status.runtime.js +1 -1
  599. package/dist/status.scan-GF1UDZAB.js +65 -0
  600. package/dist/status.scan-overview-D1tTMWSi.js +379 -0
  601. package/dist/status.scan.fast-json-CoLBFhFk.js +132 -0
  602. package/dist/status.scan.fast-json-K69bqOGh.js +2 -0
  603. package/dist/status.summary-Bxh5WwsL.js +200 -0
  604. package/dist/status.summary-Cyr9PxeP.js +2 -0
  605. package/dist/subagent-announce-Dw7-i1-9.js +351 -0
  606. package/dist/subagent-announce-delivery-HYpoItCd.js +726 -0
  607. package/dist/subagent-announce-output-C7rcYYEc.js +364 -0
  608. package/dist/subagent-control-Ds2GYpWL.js +506 -0
  609. package/dist/subagent-followup.runtime-Cd8hCztp.js +68 -0
  610. package/dist/subagent-followup.runtime.js +1 -1
  611. package/dist/subagent-orphan-recovery-BgjubPqf.js +305 -0
  612. package/dist/subagent-registry-CgpGD3GV.js +1753 -0
  613. package/dist/subagent-registry-DxdVLcdG.js +3 -0
  614. package/dist/subagent-registry.runtime.js +1 -1
  615. package/dist/subagent-spawn-BWBNndsp.js +1005 -0
  616. package/dist/system-cli-DyBkQUQb.js +43 -0
  617. package/dist/targets-BadrXaG2.js +67 -0
  618. package/dist/task-executor-C7Wi33fD.js +360 -0
  619. package/dist/task-owner-access-yQv8xMco.js +74 -0
  620. package/dist/task-registry-W5mFPlZX.js +2357 -0
  621. package/dist/task-registry-delivery-runtime-cBNSvuGT.js +3 -0
  622. package/dist/task-registry-delivery-runtime-cJvq2BuY.js +2 -0
  623. package/dist/task-registry.maintenance-Buzo501v.js +2 -0
  624. package/dist/task-registry.maintenance-pJMW_7Am.js +416 -0
  625. package/dist/telegram/token.js +1 -1
  626. package/dist/testing-Dw49ltmR.js +575 -0
  627. package/dist/text-report-CtyXY05r.js +549 -0
  628. package/dist/tool-resolution-BcUPtTtu.js +90 -0
  629. package/dist/tools-effective-inventory-CL0grjv4.js +152 -0
  630. package/dist/tools-invoke-http-BZ8xqe0f.js +206 -0
  631. package/dist/trash-B6l1GwX9.js +24 -0
  632. package/dist/tui-cli-BCn5UWwT.js +4585 -0
  633. package/dist/update-cli-D8bMov5W.js +1759 -0
  634. package/dist/upgrade-iRXz6ZP4.js +1226 -0
  635. package/dist/video-generation-task-status-ESf4kR6F.js +163 -0
  636. package/dist/wait-for-idle-before-flush-C-_kVutK.js +5985 -0
  637. package/dist/wizard-models-jPGu0o7K.js +334 -0
  638. package/package.json +1 -1
  639. package/dist/abort-eELweWEh.js +0 -201
  640. package/dist/abort.runtime-CTayKbQD.js +0 -2
  641. package/dist/accounts-BGM3WHLv.js +0 -107
  642. package/dist/accounts-CjfvnRr8.js +0 -2
  643. package/dist/accounts-Do4oFjnx.js +0 -104
  644. package/dist/acp-cli-CYsQXo19.js +0 -2217
  645. package/dist/acp-spawn-EQ41IhnW.js +0 -2
  646. package/dist/acp-spawn-kNmVaCJg.js +0 -1042
  647. package/dist/acp-stateful-target-driver-CGEmB873.js +0 -89
  648. package/dist/action-agents-DRZhDohG.js +0 -67
  649. package/dist/action-focus-rtD_IZeK.js +0 -132
  650. package/dist/action-help-BxYZoPLZ.js +0 -7
  651. package/dist/action-info-DKIOeV27.js +0 -101
  652. package/dist/action-kill-BSRgreG1.js +0 -33
  653. package/dist/action-list-D_9VcDkU.js +0 -21
  654. package/dist/action-log-B-14uMf6.js +0 -30
  655. package/dist/action-send-DSAXZyLd.js +0 -39
  656. package/dist/action-spawn-CmQA95xS.js +0 -47
  657. package/dist/action-unfocus-CENAeJCf.js +0 -29
  658. package/dist/actions.runtime-BOFiPCqN.js +0 -18
  659. package/dist/actions.runtime-BokGkMaN.js +0 -5
  660. package/dist/agent-aBFNkVS4.js +0 -2
  661. package/dist/agent-command-CAtrEgLC.js +0 -874
  662. package/dist/agent-harness-runtime-BL32XpUV.js +0 -144
  663. package/dist/agent-runner-utils-DqPHTinZ.js +0 -239
  664. package/dist/agent-runner.runtime-Dau-cd0f.js +0 -3443
  665. package/dist/agent-runtime--LWUNBfA.js +0 -18
  666. package/dist/agents-C3k8MTRw.js +0 -5
  667. package/dist/agents-CFtbcew1.js +0 -954
  668. package/dist/aliases-Cgg9M9wt.js +0 -96
  669. package/dist/aliases-fGREp791.js +0 -2
  670. package/dist/api-BcbAyDG9.js +0 -5
  671. package/dist/api-D0pLMgBK.js +0 -139
  672. package/dist/api-NoVni8Sl.js +0 -3
  673. package/dist/approval-gateway-resolver-Cb_c_Zpw.js +0 -29
  674. package/dist/approval-gateway-runtime-CI5kXM2R.js +0 -2
  675. package/dist/approval-handler-runtime-39P31QLp.js +0 -439
  676. package/dist/approval-native-runtime-CeybpRQ8.js +0 -729
  677. package/dist/attempt-execution.runtime-Dd1qMUKN.js +0 -509
  678. package/dist/attempt.prompt-helpers-CaElAXu4.js +0 -206
  679. package/dist/attempt.tool-run-context-Bmny58yh.js +0 -933
  680. package/dist/audit-C41qeFBb.js +0 -939
  681. package/dist/audit.runtime-D8lnHabB.js +0 -7
  682. package/dist/auth-CsVdaaAe.js +0 -2
  683. package/dist/auth-order-BWk3ViLn.js +0 -139
  684. package/dist/auth-order-BbG3V9qM.js +0 -2
  685. package/dist/auth-pqwbxiw7.js +0 -550
  686. package/dist/bash-tools-C_tOXKUP.js +0 -2853
  687. package/dist/bash-tools-D5q7UFgs.js +0 -3
  688. package/dist/binding-routing-CeClBVpB.js +0 -85
  689. package/dist/binding-targets-DdrE0COF.js +0 -121
  690. package/dist/bridge-server-DeAPQe0C.js +0 -113
  691. package/dist/browser-control-auth-Df3M2eI5.js +0 -2
  692. package/dist/browser-node-runtime-n6vhbxwB.js +0 -12
  693. package/dist/browser-profiles-BcaCN3Q6.js +0 -2
  694. package/dist/browser-runtime-D6wFsSX9.js +0 -387
  695. package/dist/browser-setup-tools-O22i2nzo.js +0 -13
  696. package/dist/build-D2RzyOdJ.js +0 -550
  697. package/dist/call-D1wMcFp1.js +0 -330
  698. package/dist/call-DZwpoxKB.js +0 -3
  699. package/dist/call.runtime-_dVLUHfq.js +0 -2
  700. package/dist/capability-cli-DG1nE-2Q.js +0 -1401
  701. package/dist/catchup-CALuX0EW.js +0 -300
  702. package/dist/channel-CNb4SPiv.js +0 -1320
  703. package/dist/channel-CS0Ik7Dq.js +0 -1174
  704. package/dist/channel-CYBGsrs5.js +0 -226
  705. package/dist/channel-Cnt8iXCs.js +0 -297
  706. package/dist/channel-Cq62QSZR.js +0 -1100
  707. package/dist/channel-CuOrQbPa.js +0 -491
  708. package/dist/channel-CwUVg_e3.js +0 -350
  709. package/dist/channel-CxPOVDOa.js +0 -453
  710. package/dist/channel-D8E3vPYf.js +0 -1802
  711. package/dist/channel-Hkm1aCOg.js +0 -840
  712. package/dist/channel-core-UwaoX83l.js +0 -5
  713. package/dist/channel-hzXuigBm.js +0 -595
  714. package/dist/channel-inbound-C88sBchp.js +0 -31
  715. package/dist/channel-plugin-runtime-CDndBSbs.js +0 -771
  716. package/dist/channel-runtime-CpayqA94.js +0 -425
  717. package/dist/channel.runtime-BTGIlCf_.js +0 -42398
  718. package/dist/channel.runtime-Bo7eYpYT.js +0 -576
  719. package/dist/channel.runtime-Cb7E95Ts.js +0 -2364
  720. package/dist/channel.runtime-DNrozvEo.js +0 -4
  721. package/dist/channel.runtime-DRsan2gc.js +0 -430
  722. package/dist/channel.runtime-Je-Ol2c3.js +0 -89
  723. package/dist/channel.setup-BW4k0T2j.js +0 -10
  724. package/dist/channel2.runtime-Bz0QP9sq.js +0 -109
  725. package/dist/channels-BOUEDeFj.js +0 -733
  726. package/dist/channels-cli-BBM3LCGT.js +0 -268
  727. package/dist/chat-0aqpRXk7.js +0 -2830
  728. package/dist/clawbot-cli-CSpQnlO7.js +0 -9
  729. package/dist/cli-BMMCMk2R.js +0 -72
  730. package/dist/cli-CEQfSSaU.js +0 -2
  731. package/dist/cli-DI0JpbBo.js +0 -2
  732. package/dist/cli-NfaQyvCK.js +0 -219
  733. package/dist/cli-runner-DNyuZ5h6.js +0 -286
  734. package/dist/cli-runner.runtime-CR-JwA4O.js +0 -3
  735. package/dist/cli-runner.runtime-Dz6jbCuw.js +0 -4
  736. package/dist/cli.runtime-oxgwFXYo.js +0 -1261
  737. package/dist/client-Bt55zFEY.js +0 -138
  738. package/dist/client-DdJ17SBT.js +0 -723
  739. package/dist/command-auth-BthdrJZs.js +0 -76
  740. package/dist/command-config-resolution-CVMUB11x.js +0 -2
  741. package/dist/command-config-resolution-Gyx8ZctY.js +0 -23
  742. package/dist/command-config-resolution.runtime-BkW8urG9.js +0 -2
  743. package/dist/command-registry-CzoqAliR.js +0 -4
  744. package/dist/command-registry-core-CBbC7zvE.js +0 -106
  745. package/dist/command-registry-otbvPe2S.js +0 -9
  746. package/dist/command-secret-gateway-96Lg7d56.js +0 -528
  747. package/dist/command-status.runtime-Wz0v1rTj.js +0 -87
  748. package/dist/commands-acp-CTKWdZFc.js +0 -77
  749. package/dist/commands-compact.runtime-BvhuA8PX.js +0 -10
  750. package/dist/commands-handlers.runtime-1lMZVKIF.js +0 -4599
  751. package/dist/commands-status-OROpaZRA.js +0 -16
  752. package/dist/commands-status.runtime-CylmITPm.js +0 -3
  753. package/dist/commands-subagents-control.runtime-DPZM15Y8.js +0 -3
  754. package/dist/commands-subagents-control.runtime-DtPr9n7D.js +0 -2
  755. package/dist/commands-system-prompt-CbFMKfpn.js +0 -2
  756. package/dist/commands-system-prompt-DwCsudJL.js +0 -157
  757. package/dist/commands.runtime-nRjRmUst.js +0 -167
  758. package/dist/compact-Bi9T_Zb_.js +0 -1096
  759. package/dist/compact.runtime-DTvVHwbC.js +0 -12
  760. package/dist/completion-cli-Dj97mkii.js +0 -328
  761. package/dist/config-CY6leWe-.js +0 -252
  762. package/dist/config-cli-B_BsNmBg.js +0 -1078
  763. package/dist/configure-CSRRRV1P.js +0 -2
  764. package/dist/configure-CUG1geJf.js +0 -1252
  765. package/dist/connect-options-CnwJQxN0.js +0 -699
  766. package/dist/control-auth-C5i9U0hQ.js +0 -125
  767. package/dist/control-service-Hpi8EaX5.js +0 -156
  768. package/dist/control-ui/assets/agents-Bm9tbRvl.js +0 -1125
  769. package/dist/control-ui/assets/canvas-Dqcz2P-M.js +0 -274
  770. package/dist/control-ui/assets/channel-config-extras-DPhtzROS.js +0 -2
  771. package/dist/control-ui/assets/channels-C4lCtkuE.js +0 -198
  772. package/dist/control-ui/assets/cron-CDnocp54.js +0 -250
  773. package/dist/control-ui/assets/de-BIxTAu8X.js +0 -2
  774. package/dist/control-ui/assets/debug-CLJUkyM0.js +0 -94
  775. package/dist/control-ui/assets/es-BQWbWgIl.js +0 -2
  776. package/dist/control-ui/assets/fr-CWlA2mjJ.js +0 -2
  777. package/dist/control-ui/assets/i18n-zQZN-KVV.js +0 -3
  778. package/dist/control-ui/assets/id-6rCpPVbX.js +0 -2
  779. package/dist/control-ui/assets/index-DNcb9kKN.js +0 -5972
  780. package/dist/control-ui/assets/instances-BmNOHnr0.js +0 -57
  781. package/dist/control-ui/assets/ja-JP-DF-DP5BG.js +0 -2
  782. package/dist/control-ui/assets/ko-DBqpeGub.js +0 -2
  783. package/dist/control-ui/assets/logs-DbPv07V4.js +0 -74
  784. package/dist/control-ui/assets/mcp-CxU-2jb_.js +0 -380
  785. package/dist/control-ui/assets/memory-Cvr3erHb.js +0 -50
  786. package/dist/control-ui/assets/memory-graph-BpmZbNSk.js +0 -30
  787. package/dist/control-ui/assets/models-C7nRZAXy.js +0 -86
  788. package/dist/control-ui/assets/nodes-f2aGvluM.js +0 -654
  789. package/dist/control-ui/assets/pl-5NAsq-Is.js +0 -2
  790. package/dist/control-ui/assets/plugins-5hOroymh.js +0 -259
  791. package/dist/control-ui/assets/presenter-DsN_oVUG.js +0 -2
  792. package/dist/control-ui/assets/preview-Bpt_pTk6.js +0 -2
  793. package/dist/control-ui/assets/pt-BR-Hv8MDaxx.js +0 -2
  794. package/dist/control-ui/assets/sessions-LDFBoP0u.js +0 -56
  795. package/dist/control-ui/assets/skills-DIujrS1_.js +0 -294
  796. package/dist/control-ui/assets/skills-shared-DTBgPO3R.js +0 -11
  797. package/dist/control-ui/assets/th-cg-0LWw9.js +0 -2
  798. package/dist/control-ui/assets/tr-hpqnmvm6.js +0 -2
  799. package/dist/control-ui/assets/uk-DaVOgu9d.js +0 -2
  800. package/dist/control-ui/assets/wallet-CdJCKiSZ.js +0 -302
  801. package/dist/control-ui/assets/zh-CN-BfPyN3yg.js +0 -2
  802. package/dist/control-ui/assets/zh-TW-WbilNUjy.js +0 -2
  803. package/dist/control-ui-CeGNcKzT.js +0 -1043
  804. package/dist/conversation-id-BCbq5NIc.js +0 -38
  805. package/dist/conversation-id-CQI9g_tF.js +0 -235
  806. package/dist/conversation-runtime-DaqqNX-x.js +0 -31
  807. package/dist/core-Tk-dTIXT.js +0 -275
  808. package/dist/cron-cli-DSGzbLxR.js +0 -713
  809. package/dist/daemon-cli-DeV3LyHQ.js +0 -12
  810. package/dist/dashboard-DloYb4F9.js +0 -2
  811. package/dist/dashboard-tuymsSVS.js +0 -81
  812. package/dist/delegate-Dd5wAxfb.js +0 -64
  813. package/dist/detached-task-runtime-DKySZjwC.js +0 -73
  814. package/dist/devices-cli-CYzBu3hZ.js +0 -498
  815. package/dist/diagnostics-3KiMYFlv.js +0 -154
  816. package/dist/direct-dm-CUE3FyXY.js +0 -64
  817. package/dist/dispatch-_wfSU58C.js +0 -1131
  818. package/dist/dispatch-acp-DeRnweaq.js +0 -981
  819. package/dist/dispatch-acp-manager.runtime-BAIqFxld.js +0 -3
  820. package/dist/dispatch-acp.runtime-JlGpWtEz.js +0 -19
  821. package/dist/doctor-device-pairing-DEjdxNU3.js +0 -307
  822. package/dist/doctor-gateway-daemon-flow-DCKalcSh.js +0 -250
  823. package/dist/doctor-gateway-health-BY7EhLu3.js +0 -63
  824. package/dist/doctor-health-ClRZC0ve.js +0 -59
  825. package/dist/doctor-health-contributions-B65HPALZ.js +0 -493
  826. package/dist/doctor-prompter-YrvCLwpe.js +0 -56
  827. package/dist/doctor-workspace-status-B-BuL017.js +0 -75
  828. package/dist/dreaming-DGYWRYq3.js +0 -1582
  829. package/dist/dreaming-narrative-DRKoF-z9.js +0 -596
  830. package/dist/embedded-gateway-stub.runtime-DdjZKa9q.js +0 -9
  831. package/dist/embeddings-http-B3ACs8Ws.js +0 -205
  832. package/dist/exec-approvals-cli-C5DwVIu5.js +0 -498
  833. package/dist/fallbacks-D6L84vVc.js +0 -31
  834. package/dist/fallbacks-D6jO50XF.js +0 -2
  835. package/dist/fallbacks-shared-Dci4IyaY.js +0 -111
  836. package/dist/gateway-cli-BS9kPc9H.js +0 -1283
  837. package/dist/gateway-rpc-B5GtBJRi.js +0 -14
  838. package/dist/gateway-rpc.runtime-CKtiPql1.js +0 -23
  839. package/dist/gateway-runtime-C-kxmrI5.js +0 -15
  840. package/dist/gateway-status-0kWh50js.js +0 -584
  841. package/dist/gateway-tMGzPO6m.js +0 -115
  842. package/dist/genesis-tools-CtMsMRl9.js +0 -9435
  843. package/dist/genesis-tools.runtime-BptuQNAJ.js +0 -2
  844. package/dist/get-reply-B4NwzjDj.js +0 -3946
  845. package/dist/get-reply-from-config.runtime-D07XOnfu.js +0 -2
  846. package/dist/graph-users-Chk0mBZs.js +0 -1337
  847. package/dist/health-BkcL9i__.js +0 -3
  848. package/dist/health-CgLzUl2R.js +0 -420
  849. package/dist/health-route-BySTIyJQ.js +0 -2
  850. package/dist/health-route-P7I71km-.js +0 -41
  851. package/dist/hooks-cli-BMkgaeq9.js +0 -433
  852. package/dist/http-endpoint-helpers-CC_gglfr.js +0 -41
  853. package/dist/http-utils-C7CfxCac.js +0 -924
  854. package/dist/image-fallbacks-BGCt_6uL.js +0 -31
  855. package/dist/image-fallbacks-OrcyF2DC.js +0 -2
  856. package/dist/inbound-reply-dispatch-DYjgJdlo.js +0 -73
  857. package/dist/infra-runtime-AQfhgBFn.js +0 -38
  858. package/dist/init-DPP54t0W.js +0 -59
  859. package/dist/library-DFR5f_Ir.js +0 -45
  860. package/dist/lifecycle-CW2vdQDb.js +0 -571
  861. package/dist/lifecycle-D11XyL6V.js +0 -229
  862. package/dist/lifecycle.runtime-DSWYu3nX.js +0 -2
  863. package/dist/list-BKM6QdOy.js +0 -1212
  864. package/dist/list-CTNJ4-68.js +0 -2
  865. package/dist/list-DtXUyEzG.js +0 -2
  866. package/dist/list-aEqDnDBI.js +0 -131
  867. package/dist/list.probe-Bou6QQPq.js +0 -419
  868. package/dist/llm-slug-generator-Bnt1pOHN.js +0 -79
  869. package/dist/load-config-CBqnIYCC.js +0 -35
  870. package/dist/local-dispatch.runtime-zcsbNVun.js +0 -8
  871. package/dist/logs-cli-TFV7jUp4.js +0 -265
  872. package/dist/logs-cli.runtime-DtiBn5Ch.js +0 -2
  873. package/dist/main-session-restart-recovery-DxN0yklO.js +0 -206
  874. package/dist/managed-image-attachments-BGssrKSl.js +0 -635
  875. package/dist/managed-image-attachments-oy7vi04e.js +0 -2
  876. package/dist/manager-C86vv_vo.js +0 -2
  877. package/dist/manager-ooYadtSy.js +0 -2057
  878. package/dist/markdown-to-line-COdsSmXH.js +0 -790
  879. package/dist/mcp-cli-CAuVc_Pm.js +0 -725
  880. package/dist/mcp-http-DJ1wHZwo.js +0 -529
  881. package/dist/memory-core-host-runtime-cli-BIS_FL5c.js +0 -9
  882. package/dist/message-Bwxr0xiZ.js +0 -232
  883. package/dist/message-action-runner-B65TS-iS.js +0 -1407
  884. package/dist/message-action-runner-CiaRlq7u.js +0 -2
  885. package/dist/message-actions-D64MkmkC.js +0 -143
  886. package/dist/message.gateway.runtime-RW2Yhu37.js +0 -2
  887. package/dist/method-scopes-BkN09VAs.js +0 -232
  888. package/dist/models-auth-status-DzLtMc97.js +0 -217
  889. package/dist/models-cli-CoFUFTED.js +0 -271
  890. package/dist/models-http-DbtJ3UU_.js +0 -92
  891. package/dist/monitor-B4GOsafr.js +0 -671
  892. package/dist/monitor-BABC3pTm.js +0 -1661
  893. package/dist/monitor-BJrqsLpj.js +0 -1459
  894. package/dist/monitor-DiZfArYU.js +0 -1237
  895. package/dist/monitor-auth-DVJNdnse.js +0 -207
  896. package/dist/monitor-ovv5ZrP8.js +0 -788
  897. package/dist/monitor-processing-25Z4qW74.js +0 -1974
  898. package/dist/monitor-zDAbyj7K.js +0 -2
  899. package/dist/monitor.runtime-9UOZT7UY.js +0 -2
  900. package/dist/monitor.webhook-ksEOpU9Y.js +0 -180
  901. package/dist/msteams-D0FDrYYn.js +0 -35
  902. package/dist/native-hook-relay-C_3-6Eke.js +0 -519
  903. package/dist/nextcloud-talk-DKd_xz3W.js +0 -17
  904. package/dist/node-cli-D5KvQ2CT.js +0 -2276
  905. package/dist/nodes-cli-DNNvVAj2.js +0 -1046
  906. package/dist/nodes-utils-CBwEmmq2.js +0 -84
  907. package/dist/nodes.helpers-CAihaPrl.js +0 -34
  908. package/dist/notify-CC_X0-7j.js +0 -315
  909. package/dist/onboard-BdO5P4vD.js +0 -2
  910. package/dist/onboard-ILwgXLYY.js +0 -70
  911. package/dist/onboard-helpers-7z02DFh9.js +0 -204
  912. package/dist/onboard-helpers-Ms4s2EzO.js +0 -6
  913. package/dist/onboard-interactive-BjPiPpZT.js +0 -24
  914. package/dist/onboard-non-interactive-Dj4NGkhK.js +0 -635
  915. package/dist/onboard-remote-DCYnQ04q.js +0 -193
  916. package/dist/onboard-remote-ofkezDbI.js +0 -2
  917. package/dist/onboard-skills-CUjzYHgj.js +0 -2
  918. package/dist/onboard-skills-CbfWgSt7.js +0 -134
  919. package/dist/openai-http-BaMtk-kT.js +0 -500
  920. package/dist/openresponses-http-WKKDY0q5.js +0 -1128
  921. package/dist/operator-approvals-client-4sga8tKU.js +0 -68
  922. package/dist/outbound.runtime-CDHhU73P.js +0 -2
  923. package/dist/pair-command-approve-OYJIc2fu.js +0 -44
  924. package/dist/persistent-bindings.lifecycle-BfHNJZO4.js +0 -2
  925. package/dist/persistent-bindings.lifecycle-DwKmiJYz.js +0 -85
  926. package/dist/pi-embedded-CGFh2Blz.js +0 -4
  927. package/dist/pi-embedded-ooYGUOJZ.js +0 -2905
  928. package/dist/pi-embedded.runtime-B1NpL8rR.js +0 -4
  929. package/dist/pi-tool-definition-adapter-Bl5ufyu3.js +0 -229
  930. package/dist/pi-tools-82qefK6f.js +0 -1118
  931. package/dist/pi-tools.before-tool-call-Db88CRUS.js +0 -2
  932. package/dist/pi-tools.before-tool-call-Dh-5Kzc8.js +0 -433
  933. package/dist/plugin-DwuhlI2I.js +0 -12195
  934. package/dist/plugin-enabled-CfzRQT1B.js +0 -140
  935. package/dist/plugin-registration-XsebPQqy.js +0 -23
  936. package/dist/plugin-service-QJqtKEG5.js +0 -2893
  937. package/dist/policy-DsGoyetK.js +0 -328
  938. package/dist/prepare.runtime-Ca5X_K9Y.js +0 -807
  939. package/dist/probe-0MgKBFel.js +0 -2205
  940. package/dist/probe-9CryCp2o.js +0 -2
  941. package/dist/probe-B8ogIy1E.js +0 -1443
  942. package/dist/probe-B_t63C0q.js +0 -74
  943. package/dist/probe-Cg5_YE3i.js +0 -240
  944. package/dist/probe-DVxDryxE.js +0 -45
  945. package/dist/probe-MDbiDMWz.js +0 -2
  946. package/dist/program-DPoG-10j.js +0 -111
  947. package/dist/prompt-select-styled-CTHDINxc.js +0 -20
  948. package/dist/protocol-zDWsuAk7.js +0 -2477
  949. package/dist/provider-dispatcher-Bgci1rwg.js +0 -2
  950. package/dist/provider-dispatcher-CwSZMOAg.js +0 -22
  951. package/dist/qr-cli-DvJ5xdsh.js +0 -2
  952. package/dist/qr-cli-gzyNSC5u.js +0 -349
  953. package/dist/reaction-runtime-api-BlDTJpo-.js +0 -116
  954. package/dist/reactions-W4Fy8xu5.js +0 -998
  955. package/dist/register-service-commands-BwL9yJxI.js +0 -71
  956. package/dist/register.agent-DhQz75CX.js +0 -248
  957. package/dist/register.configure-CiW5Nm47.js +0 -15
  958. package/dist/register.maintenance-B-bmcOm_.js +0 -363
  959. package/dist/register.message-CB7RGm0D.js +0 -329
  960. package/dist/register.onboard--s57-W_O.js +0 -88
  961. package/dist/register.runtime-aLzIGvj5.js +0 -81
  962. package/dist/register.setup-EvqU6AWF.js +0 -150
  963. package/dist/register.status-health-sessions-LtIU28tG.js +0 -1215
  964. package/dist/register.subclis-Cdyty_Wl.js +0 -29
  965. package/dist/register.subclis-E0e8IhV6.js +0 -3
  966. package/dist/register.subclis-core-DoJitfZR.js +0 -249
  967. package/dist/reply-dispatch-runtime-yhxku4dH.js +0 -13
  968. package/dist/reply-runtime-DMJCIRLh.js +0 -10
  969. package/dist/reply.runtime-ClSSD2-g.js +0 -2
  970. package/dist/restart-health-BOftTaLm.js +0 -202
  971. package/dist/restart-health-Cq5PQJFt.js +0 -2
  972. package/dist/root-help-gILUFRrb.js +0 -44
  973. package/dist/routes-D4r1ezvE.js +0 -3341
  974. package/dist/routes-QfDdU8qI.js +0 -2
  975. package/dist/rpc-BH3MZf04.js +0 -61
  976. package/dist/rpc.runtime-DEqSCvK_.js +0 -21
  977. package/dist/run-delivery.runtime-Ra2LpyjL.js +0 -530
  978. package/dist/run-embedded.runtime-B-b7dF48.js +0 -4
  979. package/dist/run-execution-cli.runtime-rzYYRquv.js +0 -4
  980. package/dist/run-executor.runtime-D3MC8B3s.js +0 -277
  981. package/dist/run-main-ROsTM9o9.js +0 -567
  982. package/dist/run-subagent-registry.runtime-gvfWvULf.js +0 -2
  983. package/dist/run-wait-DYca4W_o.js +0 -135
  984. package/dist/runtime-1Bb9bT_p.js +0 -9
  985. package/dist/runtime-B4JFGWB4.js +0 -961
  986. package/dist/runtime-api-BTGrUC1e.js +0 -14
  987. package/dist/runtime-api-Bhl3_8yF.js +0 -9
  988. package/dist/runtime-api-C-nx_QzF.js +0 -4
  989. package/dist/runtime-api-DlKoDfhQ.js +0 -9
  990. package/dist/runtime-embedded-pi.runtime-BpNxs_WI.js +0 -2
  991. package/dist/runtime-internal-BbUZ7GRn.js +0 -2
  992. package/dist/runtime-options-DvpcqD1R.js +0 -275
  993. package/dist/runtime-schema-DooxQwin.js +0 -28599
  994. package/dist/scan-DpgK8kOr.js +0 -2
  995. package/dist/scan-U6zeFiF4.js +0 -523
  996. package/dist/secrets-cli-DjWSeoBE.js +0 -2101
  997. package/dist/security-cli-CSD7A3_W.js +0 -486
  998. package/dist/selection-C6LjcruV.js +0 -2
  999. package/dist/selection-DTQuCEn8.js +0 -7743
  1000. package/dist/send-DjtE85vk.js +0 -102
  1001. package/dist/send-DrOoCalT.js +0 -156
  1002. package/dist/send.runtime-CoOsNVP2.js +0 -2
  1003. package/dist/server-Bm7KpOGW.js +0 -77
  1004. package/dist/server-C6MOiNs5.js +0 -13
  1005. package/dist/server-context-B4L8Ko8G.js +0 -847
  1006. package/dist/server-context-CdmUY6o_.js +0 -2
  1007. package/dist/server-node-events-D9LfdT_R.js +0 -474
  1008. package/dist/server-plugin-bootstrap-BzB53IG-.js +0 -2
  1009. package/dist/server-plugin-bootstrap-DnXmVUc8.js +0 -13275
  1010. package/dist/server-restart-sentinel-DSfUKsS9.js +0 -684
  1011. package/dist/server.impl-D6b9jfKp.js +0 -12787
  1012. package/dist/session-kill-http-DyjyFGdE.js +0 -110
  1013. package/dist/session-reset-service-7QjMT-P3.js +0 -497
  1014. package/dist/session-route-C0pUoL-m.js +0 -93
  1015. package/dist/session-status.runtime-C7j8HBWm.js +0 -2
  1016. package/dist/session-subagent-reactivation.runtime-D4lP9Yxw.js +0 -2
  1017. package/dist/session-tab-registry-CPJFtGU8.js +0 -581
  1018. package/dist/session-visibility-Bg3eG7Ud.js +0 -147
  1019. package/dist/sessions-helpers-C0F_CCx_.js +0 -305
  1020. package/dist/sessions-history-http-Bee2KxDh.js +0 -371
  1021. package/dist/sessions-patch-yHBQNF3A.js +0 -309
  1022. package/dist/sessions-resolve-D_3EYokX.js +0 -174
  1023. package/dist/sessions.runtime-CEP1m60d.js +0 -2
  1024. package/dist/setup-HKQAarOb.js +0 -636
  1025. package/dist/setup-api-EpAQ3HZv.js +0 -29
  1026. package/dist/setup-core-BgPN9ltC.js +0 -176
  1027. package/dist/setup-core-DSLCd1rN.js +0 -171
  1028. package/dist/setup-surface-DMN9uyVd.js +0 -403
  1029. package/dist/setup-surface-DhuBlD5J.js +0 -219
  1030. package/dist/setup-surface-E0DezmAi.js +0 -286
  1031. package/dist/setup.finalize-MkGL04S6.js +0 -547
  1032. package/dist/setup.gateway-config-Bnbhn6v-.js +0 -250
  1033. package/dist/shared-DDpJ78zl.js +0 -198
  1034. package/dist/shared-DGn0ibdp.js +0 -121
  1035. package/dist/shared-fUr4aN5q.js +0 -76
  1036. package/dist/slash-state-BXCSlhym.js +0 -1911
  1037. package/dist/src-uTvmDRmY.js +0 -3974
  1038. package/dist/startup-context-D-raEng1.js +0 -312
  1039. package/dist/status-B_d9Cx4z.js +0 -2
  1040. package/dist/status-Cm6eyksx.js +0 -209
  1041. package/dist/status-CmxOcSnZ.js +0 -2
  1042. package/dist/status-DVueyM2F.js +0 -395
  1043. package/dist/status-DbdzfpUI.js +0 -3
  1044. package/dist/status-DzQhntmn.js +0 -190
  1045. package/dist/status-all-m61xmSOw.js +0 -498
  1046. package/dist/status-json-DDMgeSaC.js +0 -14
  1047. package/dist/status-json-command-CK5HTDaU.js +0 -82
  1048. package/dist/status-runtime-shared-p3krF0s5.js +0 -241
  1049. package/dist/status-subagents.runtime-DHuvJr3p.js +0 -18
  1050. package/dist/status-text-CtkqzmoT.js +0 -237
  1051. package/dist/status.gateway-connection.runtime-Baws_5sO.js +0 -2
  1052. package/dist/status.gather-8OGnlbKU.js +0 -292
  1053. package/dist/status.gather-BETbqTkh.js +0 -2
  1054. package/dist/status.runtime-D7lk5mLJ.js +0 -2
  1055. package/dist/status.scan-BCPG9Nfn.js +0 -65
  1056. package/dist/status.scan-overview-BxfXogPo.js +0 -379
  1057. package/dist/status.scan.fast-json-DsYnYXoH.js +0 -2
  1058. package/dist/status.scan.fast-json-Ya7IYP0s.js +0 -132
  1059. package/dist/status.summary-BMSVTd_0.js +0 -200
  1060. package/dist/status.summary-CpaouG_t.js +0 -2
  1061. package/dist/subagent-announce-BHJpD5-v.js +0 -351
  1062. package/dist/subagent-announce-delivery-CKyEeFvA.js +0 -726
  1063. package/dist/subagent-announce-output-4itRkJFz.js +0 -364
  1064. package/dist/subagent-control-DnG7Wuci.js +0 -506
  1065. package/dist/subagent-followup.runtime-CSYnHTuh.js +0 -68
  1066. package/dist/subagent-orphan-recovery-CEGWLVDl.js +0 -305
  1067. package/dist/subagent-registry-BBck4LPP.js +0 -3
  1068. package/dist/subagent-registry-Kop804vg.js +0 -1753
  1069. package/dist/subagent-spawn-CZJpCHIN.js +0 -1005
  1070. package/dist/system-cli-CTd252XD.js +0 -43
  1071. package/dist/targets-CD3QLNpW.js +0 -67
  1072. package/dist/task-executor-BbCXhqDF.js +0 -360
  1073. package/dist/task-owner-access-Be7GpZNB.js +0 -74
  1074. package/dist/task-registry-CZN3bWaG.js +0 -2357
  1075. package/dist/task-registry-delivery-runtime-BQTBKwpP.js +0 -3
  1076. package/dist/task-registry-delivery-runtime-BxmqiCDh.js +0 -2
  1077. package/dist/task-registry.maintenance-3Y9NCOoG.js +0 -2
  1078. package/dist/task-registry.maintenance-DCn5Caci.js +0 -416
  1079. package/dist/testing-BH9BASoR.js +0 -575
  1080. package/dist/text-report-B0Y14E6B.js +0 -549
  1081. package/dist/tool-resolution-D4AhidQx.js +0 -90
  1082. package/dist/tools-effective-inventory-_1V0I8t9.js +0 -152
  1083. package/dist/tools-invoke-http-B6q43oJu.js +0 -206
  1084. package/dist/trash-BEJ9CQ7c.js +0 -24
  1085. package/dist/tui-cli-BHo_XAR4.js +0 -4585
  1086. package/dist/update-cli-yoJZUuTt.js +0 -1759
  1087. package/dist/upgrade-xIQd0f13.js +0 -1226
  1088. package/dist/video-generation-task-status-B9we9j9s.js +0 -163
  1089. package/dist/wait-for-idle-before-flush-A1yDxWJx.js +0 -5985
  1090. package/dist/wizard-models-CRc4fctG.js +0 -334
@@ -0,0 +1,1337 @@
1
+ import { s as __toESM } from "./chunk-A-jGZS85.js";
2
+ import { a as normalizeLowercaseStringOrEmpty, c as normalizeOptionalString } from "./string-coerce-DPP_aYVc.js";
3
+ import { l as isRecord$1 } from "./utils-CWrkFsp0.js";
4
+ import { l as normalizeResolvedSecretInputString, o as hasConfiguredSecretInput, u as normalizeSecretInputString } from "./types.secrets-BbgGt42I.js";
5
+ import { d as isPrivateIpAddress } from "./ssrf-BR9EvI4i.js";
6
+ import { n as fetchWithSsrFGuard } from "./fetch-guard-CsgToyd0.js";
7
+ import "./text-runtime-DVUvIDNC.js";
8
+ import "./secret-input-X94ng2dE.js";
9
+ import { a as isHttpsUrlAllowedByHostnameSuffixAllowlist, l as normalizeHostnameSuffixAllowlist, n as buildHostnameAllowlistPolicyFromSuffixAllowlist } from "./ssrf-policy-ChAc-ige.js";
10
+ import "./ssrf-runtime-DXdCQqiX.js";
11
+ import { t as getMSTeamsRuntime } from "./runtime-api-DgKObkOQ.js";
12
+ import { n as refreshMSTeamsDelegatedTokens } from "./oauth.token-Dos0lokK.js";
13
+ import { createRequire } from "node:module";
14
+ import * as fs$1 from "node:fs";
15
+ import { mkdirSync, readFileSync, writeFileSync } from "node:fs";
16
+ import path, { dirname } from "node:path";
17
+ import { Buffer } from "node:buffer";
18
+ import { lookup } from "node:dns/promises";
19
+ //#region extensions/msteams/src/attachments/shared.ts
20
+ const IMAGE_EXT_RE = /\.(avif|bmp|gif|heic|heif|jpe?g|png|tiff?|webp)$/i;
21
+ const IMG_SRC_RE = /<img[^>]+src=["']([^"']+)["'][^>]*>/gi;
22
+ const ATTACHMENT_TAG_RE = /<attachment[^>]+id=["']([^"']+)["'][^>]*>/gi;
23
+ const DEFAULT_MEDIA_HOST_ALLOWLIST = [
24
+ "graph.microsoft.com",
25
+ "graph.microsoft.us",
26
+ "graph.microsoft.de",
27
+ "graph.microsoft.cn",
28
+ "sharepoint.com",
29
+ "sharepoint.us",
30
+ "sharepoint.de",
31
+ "sharepoint.cn",
32
+ "sharepoint-df.com",
33
+ "1drv.ms",
34
+ "onedrive.com",
35
+ "teams.microsoft.com",
36
+ "teams.cdn.office.net",
37
+ "statics.teams.cdn.office.net",
38
+ "office.com",
39
+ "office.net",
40
+ "asm.skype.com",
41
+ "ams.skype.com",
42
+ "media.ams.skype.com",
43
+ "trafficmanager.net",
44
+ "blob.core.windows.net",
45
+ "azureedge.net",
46
+ "microsoft.com"
47
+ ];
48
+ const DEFAULT_MEDIA_AUTH_HOST_ALLOWLIST = [
49
+ "api.botframework.com",
50
+ "botframework.com",
51
+ "smba.trafficmanager.net",
52
+ "graph.microsoft.com",
53
+ "graph.microsoft.us",
54
+ "graph.microsoft.de",
55
+ "graph.microsoft.cn"
56
+ ];
57
+ const GRAPH_ROOT = "https://graph.microsoft.com/v1.0";
58
+ function estimateBase64DecodedBytes(base64) {
59
+ let effectiveLen = 0;
60
+ for (let i = 0; i < base64.length; i += 1) {
61
+ if (base64.charCodeAt(i) <= 32) continue;
62
+ effectiveLen += 1;
63
+ }
64
+ if (effectiveLen === 0) return 0;
65
+ let padding = 0;
66
+ let end = base64.length - 1;
67
+ while (end >= 0 && base64.charCodeAt(end) <= 32) end -= 1;
68
+ if (end >= 0 && base64[end] === "=") {
69
+ padding = 1;
70
+ end -= 1;
71
+ while (end >= 0 && base64.charCodeAt(end) <= 32) end -= 1;
72
+ if (end >= 0 && base64[end] === "=") padding = 2;
73
+ }
74
+ const estimated = Math.floor(effectiveLen * 3 / 4) - padding;
75
+ return Math.max(0, estimated);
76
+ }
77
+ /**
78
+ * Host suffixes for SharePoint/OneDrive shared links that must be fetched via
79
+ * the Graph `/shares/{shareId}/driveItem/content` endpoint instead of directly.
80
+ *
81
+ * Direct fetches of SharePoint/OneDrive shared URLs return empty/HTML landing
82
+ * pages unless encoded as a Graph share id. See
83
+ * https://learn.microsoft.com/en-us/graph/api/shares-get for the encoding.
84
+ */
85
+ const GRAPH_SHARED_LINK_HOST_SUFFIXES = [
86
+ ".sharepoint.com",
87
+ ".sharepoint.us",
88
+ ".sharepoint.de",
89
+ ".sharepoint.cn",
90
+ ".sharepoint-df.com",
91
+ "1drv.ms",
92
+ "onedrive.live.com",
93
+ "onedrive.com"
94
+ ];
95
+ /**
96
+ * Returns true when the URL points at a SharePoint or OneDrive host whose
97
+ * shared-link content must be fetched through the Graph shares API rather
98
+ * than directly.
99
+ */
100
+ function isGraphSharedLinkUrl(url) {
101
+ let host;
102
+ try {
103
+ host = normalizeLowercaseStringOrEmpty(new URL(url).hostname);
104
+ } catch {
105
+ return false;
106
+ }
107
+ if (!host) return false;
108
+ return GRAPH_SHARED_LINK_HOST_SUFFIXES.some((suffix) => host === suffix || host.endsWith(suffix));
109
+ }
110
+ /**
111
+ * Encode a SharePoint/OneDrive URL as a Graph shareId using the documented
112
+ * `u!` + base64url (no padding) scheme:
113
+ * https://learn.microsoft.com/en-us/graph/api/shares-get#encoding-sharing-urls
114
+ */
115
+ function encodeGraphShareId(url) {
116
+ return `u!${Buffer.from(url, "utf8").toString("base64url")}`;
117
+ }
118
+ /**
119
+ * When `url` is a SharePoint/OneDrive shared link, return the matching
120
+ * `GET /shares/{shareId}/driveItem/content` URL that actually yields the file
121
+ * bytes. Returns `undefined` for non-shared-link URLs so callers can fall
122
+ * through to the existing fetch path.
123
+ */
124
+ function tryBuildGraphSharesUrlForSharedLink(url) {
125
+ if (!isGraphSharedLinkUrl(url)) return;
126
+ return `${GRAPH_ROOT}/shares/${encodeGraphShareId(url)}/driveItem/content`;
127
+ }
128
+ function readNestedString(value, keys) {
129
+ let current = value;
130
+ for (const key of keys) {
131
+ if (!isRecord$1(current)) return;
132
+ current = current[key];
133
+ }
134
+ return normalizeOptionalString(current);
135
+ }
136
+ function resolveRequestUrl(input) {
137
+ if (typeof input === "string") return input;
138
+ if (input instanceof URL) return input.toString();
139
+ if (typeof input === "object" && input && "url" in input && typeof input.url === "string") return input.url;
140
+ try {
141
+ return JSON.stringify(input);
142
+ } catch {
143
+ return "";
144
+ }
145
+ }
146
+ function normalizeContentType(value) {
147
+ if (typeof value !== "string") return;
148
+ const trimmed = value.trim();
149
+ return trimmed ? trimmed : void 0;
150
+ }
151
+ function inferPlaceholder(params) {
152
+ const mime = normalizeLowercaseStringOrEmpty(params.contentType ?? "");
153
+ const name = normalizeLowercaseStringOrEmpty(params.fileName ?? "");
154
+ const fileType = normalizeLowercaseStringOrEmpty(params.fileType ?? "");
155
+ return mime.startsWith("image/") || IMAGE_EXT_RE.test(name) || IMAGE_EXT_RE.test(`x.${fileType}`) ? "<media:image>" : "<media:document>";
156
+ }
157
+ function isLikelyImageAttachment(att) {
158
+ const contentType = normalizeContentType(att.contentType) ?? "";
159
+ const name = typeof att.name === "string" ? att.name : "";
160
+ if (contentType.startsWith("image/")) return true;
161
+ if (IMAGE_EXT_RE.test(name)) return true;
162
+ if (contentType === "application/vnd.microsoft.teams.file.download.info" && isRecord$1(att.content)) {
163
+ const fileType = typeof att.content.fileType === "string" ? att.content.fileType : "";
164
+ if (fileType && IMAGE_EXT_RE.test(`x.${fileType}`)) return true;
165
+ const fileName = typeof att.content.fileName === "string" ? att.content.fileName : "";
166
+ if (fileName && IMAGE_EXT_RE.test(fileName)) return true;
167
+ }
168
+ return false;
169
+ }
170
+ /**
171
+ * Returns true if the attachment can be downloaded (any file type).
172
+ * Used when downloading all files, not just images.
173
+ */
174
+ function isDownloadableAttachment(att) {
175
+ if ((normalizeContentType(att.contentType) ?? "") === "application/vnd.microsoft.teams.file.download.info" && isRecord$1(att.content) && typeof att.content.downloadUrl === "string") return true;
176
+ if (typeof att.contentUrl === "string" && att.contentUrl.trim()) return true;
177
+ return false;
178
+ }
179
+ function isHtmlAttachment(att) {
180
+ return (normalizeContentType(att.contentType) ?? "").startsWith("text/html");
181
+ }
182
+ function extractHtmlFromAttachment(att) {
183
+ if (!isHtmlAttachment(att)) return;
184
+ if (typeof att.content === "string") return att.content;
185
+ if (!isRecord$1(att.content)) return;
186
+ return typeof att.content.text === "string" ? att.content.text : typeof att.content.body === "string" ? att.content.body : typeof att.content.content === "string" ? att.content.content : void 0;
187
+ }
188
+ function isLikelyBase64Payload(value) {
189
+ return /^[A-Za-z0-9+/=\r\n]+$/.test(value);
190
+ }
191
+ function decodeDataImageWithLimits(src, opts) {
192
+ const match = /^data:(image\/[a-z0-9.+-]+)?(;base64)?,(.*)$/i.exec(src);
193
+ if (!match) return {
194
+ candidate: null,
195
+ estimatedBytes: 0
196
+ };
197
+ const contentType = normalizeLowercaseStringOrEmpty(match[1] ?? "");
198
+ if (!Boolean(match[2])) return {
199
+ candidate: null,
200
+ estimatedBytes: 0
201
+ };
202
+ const payload = match[3] ?? "";
203
+ if (!payload || !isLikelyBase64Payload(payload)) return {
204
+ candidate: null,
205
+ estimatedBytes: 0
206
+ };
207
+ const estimatedBytes = estimateBase64DecodedBytes(payload);
208
+ if (estimatedBytes <= 0) return {
209
+ candidate: null,
210
+ estimatedBytes: 0
211
+ };
212
+ if (typeof opts.maxInlineBytes === "number" && estimatedBytes > opts.maxInlineBytes) return {
213
+ candidate: null,
214
+ estimatedBytes
215
+ };
216
+ try {
217
+ return {
218
+ candidate: {
219
+ kind: "data",
220
+ data: Buffer.from(payload, "base64"),
221
+ contentType,
222
+ placeholder: "<media:image>"
223
+ },
224
+ estimatedBytes
225
+ };
226
+ } catch {
227
+ return {
228
+ candidate: null,
229
+ estimatedBytes: 0
230
+ };
231
+ }
232
+ }
233
+ function fileHintFromUrl(src) {
234
+ try {
235
+ return new URL(src).pathname.split("/").pop() || void 0;
236
+ } catch {
237
+ return;
238
+ }
239
+ }
240
+ function extractInlineImageCandidates(attachments, limits) {
241
+ const out = [];
242
+ let totalEstimatedInlineBytes = 0;
243
+ outerLoop: for (const att of attachments) {
244
+ const html = extractHtmlFromAttachment(att);
245
+ if (!html) continue;
246
+ IMG_SRC_RE.lastIndex = 0;
247
+ let match = IMG_SRC_RE.exec(html);
248
+ while (match) {
249
+ const src = match[1]?.trim();
250
+ if (src && !src.startsWith("cid:")) if (src.startsWith("data:")) {
251
+ const { candidate: decoded, estimatedBytes } = decodeDataImageWithLimits(src, { maxInlineBytes: limits?.maxInlineBytes });
252
+ if (decoded) {
253
+ const nextTotal = totalEstimatedInlineBytes + estimatedBytes;
254
+ if (typeof limits?.maxInlineTotalBytes === "number" && nextTotal > limits.maxInlineTotalBytes) break outerLoop;
255
+ totalEstimatedInlineBytes = nextTotal;
256
+ out.push(decoded);
257
+ }
258
+ } else out.push({
259
+ kind: "url",
260
+ url: src,
261
+ fileHint: fileHintFromUrl(src),
262
+ placeholder: "<media:image>"
263
+ });
264
+ match = IMG_SRC_RE.exec(html);
265
+ }
266
+ }
267
+ return out;
268
+ }
269
+ function safeHostForUrl(url) {
270
+ try {
271
+ return normalizeLowercaseStringOrEmpty(new URL(url).hostname);
272
+ } catch {
273
+ return "invalid-url";
274
+ }
275
+ }
276
+ function resolveAllowedHosts(input) {
277
+ return normalizeHostnameSuffixAllowlist(input, DEFAULT_MEDIA_HOST_ALLOWLIST);
278
+ }
279
+ function resolveAuthAllowedHosts(input) {
280
+ return normalizeHostnameSuffixAllowlist(input, DEFAULT_MEDIA_AUTH_HOST_ALLOWLIST);
281
+ }
282
+ function resolveAttachmentFetchPolicy(params) {
283
+ return {
284
+ allowHosts: resolveAllowedHosts(params?.allowHosts),
285
+ authAllowHosts: resolveAuthAllowedHosts(params?.authAllowHosts)
286
+ };
287
+ }
288
+ function isUrlAllowed(url, allowlist) {
289
+ return isHttpsUrlAllowedByHostnameSuffixAllowlist(url, allowlist);
290
+ }
291
+ function applyAuthorizationHeaderForUrl(params) {
292
+ if (!params.bearerToken) {
293
+ params.headers.delete("Authorization");
294
+ return;
295
+ }
296
+ if (isUrlAllowed(params.url, params.authAllowHosts)) {
297
+ params.headers.set("Authorization", `Bearer ${params.bearerToken}`);
298
+ return;
299
+ }
300
+ params.headers.delete("Authorization");
301
+ }
302
+ function resolveMediaSsrfPolicy(allowHosts) {
303
+ return buildHostnameAllowlistPolicyFromSuffixAllowlist(allowHosts);
304
+ }
305
+ /**
306
+ * Returns true if the given IPv4 or IPv6 address is in a private, loopback,
307
+ * or link-local range that must never be reached from media downloads.
308
+ *
309
+ * Delegates to the SDK's `isPrivateIpAddress` which handles IPv4-mapped IPv6,
310
+ * expanded notation, NAT64, 6to4, Teredo, octal IPv4, and fails closed on
311
+ * parse errors.
312
+ */
313
+ const isPrivateOrReservedIP = isPrivateIpAddress;
314
+ /**
315
+ * Resolve a hostname via DNS and reject private/reserved IPs.
316
+ * Throws if the resolved IP is private or resolution fails.
317
+ */
318
+ async function resolveAndValidateIP(hostname, resolveFn) {
319
+ const resolve = resolveFn ?? lookup;
320
+ let resolved;
321
+ try {
322
+ resolved = await resolve(hostname);
323
+ } catch {
324
+ throw new Error(`DNS resolution failed for "${hostname}"`);
325
+ }
326
+ if (isPrivateOrReservedIP(resolved.address)) throw new Error(`Hostname "${hostname}" resolves to private/reserved IP (${resolved.address})`);
327
+ return resolved.address;
328
+ }
329
+ /** Maximum number of redirects to follow in safeFetch. */
330
+ const MAX_SAFE_REDIRECTS = 5;
331
+ /**
332
+ * Fetch a URL with redirect: "manual", validating each redirect target
333
+ * against the hostname allowlist and optional DNS-resolved IP (anti-SSRF).
334
+ *
335
+ * This prevents:
336
+ * - Auto-following redirects to non-allowlisted hosts
337
+ * - DNS rebinding attacks when a lookup function is provided
338
+ */
339
+ async function safeFetch(params) {
340
+ const fetchFn = params.fetchFn ?? fetch;
341
+ const resolveFn = params.resolveFn ?? lookup;
342
+ const hasDispatcher = Boolean(params.requestInit && typeof params.requestInit === "object" && "dispatcher" in params.requestInit);
343
+ const currentHeaders = new Headers(params.requestInit?.headers);
344
+ let currentUrl = params.url;
345
+ if (!isUrlAllowed(currentUrl, params.allowHosts)) throw new Error(`Initial download URL blocked: ${currentUrl}`);
346
+ if (resolveFn) try {
347
+ const initialHost = new URL(currentUrl).hostname;
348
+ await resolveAndValidateIP(initialHost, resolveFn);
349
+ } catch {
350
+ throw new Error(`Initial download URL blocked: ${currentUrl}`);
351
+ }
352
+ for (let i = 0; i <= MAX_SAFE_REDIRECTS; i++) {
353
+ const res = await fetchFn(currentUrl, {
354
+ ...params.requestInit,
355
+ headers: currentHeaders,
356
+ redirect: "manual"
357
+ });
358
+ if (![
359
+ 301,
360
+ 302,
361
+ 303,
362
+ 307,
363
+ 308
364
+ ].includes(res.status)) return res;
365
+ const location = res.headers.get("location");
366
+ if (!location) return res;
367
+ let redirectUrl;
368
+ try {
369
+ redirectUrl = new URL(location, currentUrl).toString();
370
+ } catch {
371
+ throw new Error(`Invalid redirect URL: ${location}`);
372
+ }
373
+ if (!isUrlAllowed(redirectUrl, params.allowHosts)) throw new Error(`Media redirect target blocked by allowlist: ${redirectUrl}`);
374
+ if (currentHeaders.has("authorization") && params.authorizationAllowHosts && !isUrlAllowed(redirectUrl, params.authorizationAllowHosts)) currentHeaders.delete("authorization");
375
+ if (hasDispatcher) return res;
376
+ if (resolveFn) {
377
+ const redirectHost = new URL(redirectUrl).hostname;
378
+ await resolveAndValidateIP(redirectHost, resolveFn);
379
+ }
380
+ currentUrl = redirectUrl;
381
+ }
382
+ throw new Error(`Too many redirects (>${MAX_SAFE_REDIRECTS})`);
383
+ }
384
+ async function safeFetchWithPolicy(params) {
385
+ return await safeFetch({
386
+ url: params.url,
387
+ allowHosts: params.policy.allowHosts,
388
+ authorizationAllowHosts: params.policy.authAllowHosts,
389
+ fetchFn: params.fetchFn,
390
+ requestInit: params.requestInit,
391
+ resolveFn: params.resolveFn
392
+ });
393
+ }
394
+ //#endregion
395
+ //#region extensions/msteams/src/errors.ts
396
+ function isRecord(value) {
397
+ return typeof value === "object" && value !== null && !Array.isArray(value);
398
+ }
399
+ function formatUnknownError(err) {
400
+ if (err instanceof Error) return err.message;
401
+ if (typeof err === "string") return err;
402
+ if (err === null) return "null";
403
+ if (err === void 0) return "undefined";
404
+ if (typeof err === "number" || typeof err === "boolean" || typeof err === "bigint") return String(err);
405
+ if (typeof err === "symbol") return err.description ?? err.toString();
406
+ if (typeof err === "function") return err.name ? `[function ${err.name}]` : "[function]";
407
+ try {
408
+ return JSON.stringify(err) ?? "unknown error";
409
+ } catch {
410
+ return "unknown error";
411
+ }
412
+ }
413
+ function extractStatusCode(err) {
414
+ if (!isRecord(err)) return null;
415
+ const direct = err.statusCode ?? err.status;
416
+ if (typeof direct === "number" && Number.isFinite(direct)) return direct;
417
+ if (typeof direct === "string") {
418
+ const parsed = Number.parseInt(direct, 10);
419
+ if (Number.isFinite(parsed)) return parsed;
420
+ }
421
+ const response = err.response;
422
+ if (isRecord(response)) {
423
+ const status = response.status;
424
+ if (typeof status === "number" && Number.isFinite(status)) return status;
425
+ if (typeof status === "string") {
426
+ const parsed = Number.parseInt(status, 10);
427
+ if (Number.isFinite(parsed)) return parsed;
428
+ }
429
+ }
430
+ return null;
431
+ }
432
+ function extractErrorCode(err) {
433
+ if (!isRecord(err)) return null;
434
+ const direct = err.code;
435
+ if (typeof direct === "string" && direct.trim()) return direct;
436
+ const response = err.response;
437
+ if (!isRecord(response)) return null;
438
+ const body = response.body;
439
+ if (isRecord(body)) {
440
+ const error = body.error;
441
+ if (isRecord(error) && typeof error.code === "string" && error.code.trim()) return error.code;
442
+ }
443
+ return null;
444
+ }
445
+ function extractRetryAfterMs(err) {
446
+ if (!isRecord(err)) return null;
447
+ const direct = err.retryAfterMs ?? err.retry_after_ms;
448
+ if (typeof direct === "number" && Number.isFinite(direct) && direct >= 0) return direct;
449
+ const retryAfter = err.retryAfter ?? err.retry_after;
450
+ if (typeof retryAfter === "number" && Number.isFinite(retryAfter)) return retryAfter >= 0 ? retryAfter * 1e3 : null;
451
+ if (typeof retryAfter === "string") {
452
+ const parsed = Number.parseFloat(retryAfter);
453
+ if (Number.isFinite(parsed) && parsed >= 0) return parsed * 1e3;
454
+ }
455
+ const response = err.response;
456
+ if (!isRecord(response)) return null;
457
+ const headers = response.headers;
458
+ if (!headers) return null;
459
+ if (isRecord(headers)) {
460
+ const raw = headers["retry-after"] ?? headers["Retry-After"];
461
+ if (typeof raw === "string") {
462
+ const parsed = Number.parseFloat(raw);
463
+ if (Number.isFinite(parsed) && parsed >= 0) return parsed * 1e3;
464
+ }
465
+ }
466
+ if (typeof headers === "object" && headers !== null && "get" in headers && typeof headers.get === "function") {
467
+ const raw = headers.get("retry-after");
468
+ if (raw) {
469
+ const parsed = Number.parseFloat(raw);
470
+ if (Number.isFinite(parsed) && parsed >= 0) return parsed * 1e3;
471
+ }
472
+ }
473
+ return null;
474
+ }
475
+ /**
476
+ * Classify outbound send errors for safe retries and actionable logs.
477
+ *
478
+ * Important: We only mark errors as retryable when we have an explicit HTTP
479
+ * status code that indicates the message was not accepted (e.g. 429, 5xx).
480
+ * For transport-level errors where delivery is ambiguous, we prefer to avoid
481
+ * retries to reduce the chance of duplicate posts.
482
+ */
483
+ function classifyMSTeamsSendError(err) {
484
+ const statusCode = extractStatusCode(err);
485
+ const retryAfterMs = extractRetryAfterMs(err);
486
+ const errorCode = extractErrorCode(err) ?? void 0;
487
+ if (statusCode === 401) return {
488
+ kind: "auth",
489
+ statusCode,
490
+ errorCode
491
+ };
492
+ if (statusCode === 403) {
493
+ if (errorCode === "ContentStreamNotAllowed") return {
494
+ kind: "permanent",
495
+ statusCode,
496
+ errorCode
497
+ };
498
+ return {
499
+ kind: "auth",
500
+ statusCode,
501
+ errorCode
502
+ };
503
+ }
504
+ if (statusCode === 429) return {
505
+ kind: "throttled",
506
+ statusCode,
507
+ retryAfterMs: retryAfterMs ?? void 0,
508
+ errorCode
509
+ };
510
+ if (statusCode === 408 || statusCode != null && statusCode >= 500) return {
511
+ kind: "transient",
512
+ statusCode,
513
+ retryAfterMs: retryAfterMs ?? void 0,
514
+ errorCode
515
+ };
516
+ if (statusCode != null && statusCode >= 400) return {
517
+ kind: "permanent",
518
+ statusCode,
519
+ errorCode
520
+ };
521
+ return {
522
+ kind: "unknown",
523
+ statusCode: statusCode ?? void 0,
524
+ retryAfterMs: retryAfterMs ?? void 0,
525
+ errorCode
526
+ };
527
+ }
528
+ /**
529
+ * Detect whether an error is caused by a revoked Proxy.
530
+ *
531
+ * The Bot Framework SDK wraps TurnContext in a Proxy that is revoked once the
532
+ * turn handler returns. Any later access (e.g. from a debounced callback)
533
+ * throws a TypeError whose message contains the distinctive "proxy that has
534
+ * been revoked" string.
535
+ */
536
+ function isRevokedProxyError(err) {
537
+ if (!(err instanceof TypeError)) return false;
538
+ return /proxy that has been revoked/i.test(err.message);
539
+ }
540
+ function formatMSTeamsSendErrorHint(classification) {
541
+ if (classification.kind === "auth") return "check msteams appId/appPassword/tenantId (or env vars MSTEAMS_APP_ID/MSTEAMS_APP_PASSWORD/MSTEAMS_TENANT_ID)";
542
+ if (classification.errorCode === "ContentStreamNotAllowed") return "Teams expired the content stream; stop streaming earlier and fall back to normal message delivery";
543
+ if (classification.kind === "throttled") return "Teams throttled the bot; backing off may help";
544
+ if (classification.kind === "transient") return "transient Teams/Bot Framework error; retry may succeed";
545
+ }
546
+ //#endregion
547
+ //#region extensions/msteams/src/user-agent.ts
548
+ let cachedUserAgent;
549
+ function resolveTeamsSdkVersion() {
550
+ try {
551
+ return createRequire(import.meta.url)("@microsoft/teams.apps/package.json").version ?? "unknown";
552
+ } catch {
553
+ return "unknown";
554
+ }
555
+ }
556
+ function resolveGenesisVersion() {
557
+ try {
558
+ return getMSTeamsRuntime().version;
559
+ } catch {
560
+ return "unknown";
561
+ }
562
+ }
563
+ function buildUserAgent() {
564
+ if (cachedUserAgent) return cachedUserAgent;
565
+ cachedUserAgent = `teams.ts[apps]/${resolveTeamsSdkVersion()} Genesis/${resolveGenesisVersion()}`;
566
+ return cachedUserAgent;
567
+ }
568
+ function ensureUserAgentHeader(headers) {
569
+ const nextHeaders = new Headers(headers);
570
+ if (!nextHeaders.has("User-Agent")) nextHeaders.set("User-Agent", buildUserAgent());
571
+ return nextHeaders;
572
+ }
573
+ //#endregion
574
+ //#region extensions/msteams/src/sdk.ts
575
+ const AZURE_IDENTITY_MODULE = "@azure/identity";
576
+ let azureIdentityModulePromise = null;
577
+ async function loadAzureIdentity() {
578
+ azureIdentityModulePromise ??= import(AZURE_IDENTITY_MODULE);
579
+ return azureIdentityModulePromise;
580
+ }
581
+ let msTeamsSdkPromise = null;
582
+ async function loadMSTeamsSdk() {
583
+ msTeamsSdkPromise ??= Promise.all([import("./dist-CrElCXKU.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1)), import("./dist-yPW9aDzi.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1))]).then(([appsModule, apiModule]) => ({
584
+ App: appsModule.App,
585
+ Client: apiModule.Client
586
+ }));
587
+ return msTeamsSdkPromise;
588
+ }
589
+ /**
590
+ * Create a no-op HTTP server adapter that satisfies the Teams SDK's
591
+ * IHttpServerAdapter interface without spinning up an Express server.
592
+ *
593
+ * Genesis manages its own Express server for the Teams webhook endpoint, so
594
+ * the SDK's built-in HTTP server is unnecessary. Passing this adapter via the
595
+ * `httpServerAdapter` option prevents the SDK from creating the default
596
+ * HttpPlugin (which uses the deprecated `plugins` array and registers an
597
+ * Express middleware with the pattern `/api*` — invalid in Express 5).
598
+ *
599
+ * See: https://github.com/PIXELZX0/Genesis/issues/55161
600
+ * See: https://github.com/PIXELZX0/Genesis/issues/60732
601
+ */
602
+ function createNoOpHttpServerAdapter() {
603
+ return { registerRoute() {} };
604
+ }
605
+ /**
606
+ * Create a Teams SDK App instance from credentials. The App manages token
607
+ * acquisition, JWT validation, and the HTTP server lifecycle.
608
+ *
609
+ * This replaces the previous CloudAdapter + MsalTokenProvider + authorizeJWT
610
+ * from @microsoft/agents-hosting.
611
+ */
612
+ async function createMSTeamsApp(creds, sdk) {
613
+ if (creds.type === "federated") return createFederatedApp(creds, sdk);
614
+ return new sdk.App({
615
+ clientId: creds.appId,
616
+ clientSecret: creds.appPassword,
617
+ tenantId: creds.tenantId,
618
+ httpServerAdapter: createNoOpHttpServerAdapter()
619
+ });
620
+ }
621
+ function createFederatedApp(creds, sdk) {
622
+ if (creds.useManagedIdentity) return createManagedIdentityApp(creds, sdk);
623
+ if (!creds.certificatePath) throw new Error("Federated credentials require either a certificate path or managed identity.");
624
+ let privateKey;
625
+ try {
626
+ privateKey = fs$1.readFileSync(creds.certificatePath, "utf-8");
627
+ } catch (err) {
628
+ const msg = err instanceof Error ? err.message : String(err);
629
+ throw new Error(`Failed to read certificate file at '${creds.certificatePath}': ${msg}`, { cause: err });
630
+ }
631
+ return createCertificateApp(creds, privateKey, sdk);
632
+ }
633
+ function createCertificateApp(creds, privateKey, sdk) {
634
+ let credentialPromise = null;
635
+ const getCredential = async () => {
636
+ if (!credentialPromise) credentialPromise = loadAzureIdentity().then((az) => new az.ClientCertificateCredential(creds.tenantId, creds.appId, { certificate: privateKey }));
637
+ return credentialPromise;
638
+ };
639
+ const tokenProvider = async (scope) => {
640
+ const token = await (await getCredential()).getToken(scope);
641
+ if (!token?.token) throw new Error("Failed to acquire token via certificate credential.");
642
+ return token.token;
643
+ };
644
+ return new sdk.App({
645
+ clientId: creds.appId,
646
+ tenantId: creds.tenantId,
647
+ token: tokenProvider,
648
+ httpServerAdapter: createNoOpHttpServerAdapter()
649
+ });
650
+ }
651
+ function createManagedIdentityApp(creds, sdk) {
652
+ let credentialPromise = null;
653
+ const getCredential = async () => {
654
+ if (!credentialPromise) credentialPromise = loadAzureIdentity().then((az) => creds.managedIdentityClientId ? new az.ManagedIdentityCredential(creds.managedIdentityClientId) : new az.ManagedIdentityCredential());
655
+ return credentialPromise;
656
+ };
657
+ const tokenProvider = async (scope) => {
658
+ const token = await (await getCredential()).getToken(scope);
659
+ if (!token?.token) throw new Error("Failed to acquire token via managed identity.");
660
+ return token.token;
661
+ };
662
+ return new sdk.App({
663
+ clientId: creds.appId,
664
+ tenantId: creds.tenantId,
665
+ token: tokenProvider,
666
+ httpServerAdapter: createNoOpHttpServerAdapter()
667
+ });
668
+ }
669
+ /**
670
+ * Build a token provider that uses the Teams SDK App for token acquisition.
671
+ */
672
+ function createMSTeamsTokenProvider(app) {
673
+ return { async getAccessToken(scope) {
674
+ if (scope.includes("graph.microsoft.com")) {
675
+ const token = await app.getAppGraphToken();
676
+ return token ? String(token) : "";
677
+ }
678
+ const token = await app.getBotToken();
679
+ return token ? String(token) : "";
680
+ } };
681
+ }
682
+ function createBotTokenGetter(app) {
683
+ return async () => {
684
+ const token = await app.getBotToken();
685
+ return token ? String(token) : void 0;
686
+ };
687
+ }
688
+ function createApiClient(sdk, serviceUrl, getToken) {
689
+ return new sdk.Client(serviceUrl, {
690
+ token: async () => await getToken() || void 0,
691
+ headers: { "User-Agent": buildUserAgent() }
692
+ });
693
+ }
694
+ function normalizeOutboundActivity(textOrActivity) {
695
+ return typeof textOrActivity === "string" ? {
696
+ type: "message",
697
+ text: textOrActivity
698
+ } : textOrActivity;
699
+ }
700
+ function createSendContext(params) {
701
+ const apiClient = params.serviceUrl && params.conversationId ? createApiClient(params.sdk, params.serviceUrl, params.getToken) : void 0;
702
+ return {
703
+ async sendActivity(textOrActivity) {
704
+ const msg = normalizeOutboundActivity(textOrActivity);
705
+ if (params.treatInvokeResponseAsNoop && msg.type === "invokeResponse") return { id: "invokeResponse" };
706
+ if (!apiClient || !params.conversationId) return { id: "unknown" };
707
+ const existingChannelData = msg.channelData && typeof msg.channelData === "object" ? msg.channelData : void 0;
708
+ const channelData = params.tenantId ? {
709
+ ...existingChannelData,
710
+ tenant: { id: params.tenantId }
711
+ } : existingChannelData;
712
+ return await apiClient.conversations.activities(params.conversationId).create({
713
+ type: "message",
714
+ ...msg,
715
+ ...channelData ? { channelData } : {},
716
+ from: params.bot?.id ? {
717
+ id: params.bot.id,
718
+ name: params.bot.name ?? "",
719
+ role: "bot"
720
+ } : void 0,
721
+ conversation: {
722
+ id: params.conversationId,
723
+ conversationType: params.conversationType ?? "personal",
724
+ ...params.tenantId ? { tenantId: params.tenantId } : {}
725
+ },
726
+ ...params.recipientId || params.recipientAadObjectId ? { recipient: {
727
+ ...params.recipientId ? { id: params.recipientId } : {},
728
+ ...params.recipientAadObjectId ? { aadObjectId: params.recipientAadObjectId } : {}
729
+ } } : {},
730
+ ...params.replyToActivityId && !msg.replyToId ? { replyToId: params.replyToActivityId } : {}
731
+ });
732
+ },
733
+ async updateActivity(activityUpdate) {
734
+ const nextActivity = activityUpdate;
735
+ const activityId = nextActivity.id;
736
+ if (!activityId) throw new Error("updateActivity requires an activity id");
737
+ if (!params.serviceUrl || !params.conversationId) return { id: "unknown" };
738
+ return await updateActivityViaRest({
739
+ serviceUrl: params.serviceUrl,
740
+ conversationId: params.conversationId,
741
+ activityId,
742
+ activity: nextActivity,
743
+ token: await params.getToken()
744
+ });
745
+ },
746
+ async deleteActivity(activityId) {
747
+ if (!activityId) throw new Error("deleteActivity requires an activity id");
748
+ if (!params.serviceUrl || !params.conversationId) return;
749
+ await deleteActivityViaRest({
750
+ serviceUrl: params.serviceUrl,
751
+ conversationId: params.conversationId,
752
+ activityId,
753
+ token: await params.getToken()
754
+ });
755
+ }
756
+ };
757
+ }
758
+ function createProcessContext(params) {
759
+ const serviceUrl = params.activity?.serviceUrl;
760
+ const conversationId = (params.activity?.conversation)?.id;
761
+ const conversationType = (params.activity?.conversation)?.conversationType;
762
+ const replyToActivityId = params.activity?.id;
763
+ const bot = params.activity?.recipient && typeof params.activity.recipient === "object" ? {
764
+ id: params.activity.recipient.id,
765
+ name: params.activity.recipient.name
766
+ } : void 0;
767
+ const sendContext = createSendContext({
768
+ sdk: params.sdk,
769
+ serviceUrl,
770
+ conversationId,
771
+ conversationType,
772
+ bot,
773
+ replyToActivityId,
774
+ getToken: params.getToken,
775
+ treatInvokeResponseAsNoop: true
776
+ });
777
+ return {
778
+ activity: params.activity,
779
+ ...sendContext,
780
+ async sendActivities(activities) {
781
+ const results = [];
782
+ for (const activity of activities) results.push(await sendContext.sendActivity(activity));
783
+ return results;
784
+ }
785
+ };
786
+ }
787
+ /**
788
+ * Update an existing activity via the Bot Framework REST API.
789
+ * PUT /v3/conversations/{conversationId}/activities/{activityId}
790
+ */
791
+ async function updateActivityViaRest(params) {
792
+ const { serviceUrl, conversationId, activityId, activity, token } = params;
793
+ const url = `${serviceUrl.replace(/\/+$/, "")}/v3/conversations/${encodeURIComponent(conversationId)}/activities/${encodeURIComponent(activityId)}`;
794
+ const headers = {
795
+ "Content-Type": "application/json",
796
+ "User-Agent": buildUserAgent()
797
+ };
798
+ if (token) headers.Authorization = `Bearer ${token}`;
799
+ const currentFetch = globalThis.fetch;
800
+ const { response, release } = await fetchWithSsrFGuard({
801
+ url,
802
+ fetchImpl: async (input, guardedInit) => await currentFetch(input, guardedInit),
803
+ init: {
804
+ method: "PUT",
805
+ headers,
806
+ body: JSON.stringify({
807
+ type: "message",
808
+ ...activity,
809
+ id: activityId
810
+ })
811
+ },
812
+ auditContext: "msteams-update-activity"
813
+ });
814
+ try {
815
+ if (!response.ok) {
816
+ const body = await response.text().catch(() => "");
817
+ throw Object.assign(/* @__PURE__ */ new Error(`updateActivity failed: HTTP ${response.status} ${body}`), { statusCode: response.status });
818
+ }
819
+ return await response.json().catch(() => ({ id: activityId }));
820
+ } finally {
821
+ await release();
822
+ }
823
+ }
824
+ /**
825
+ * Delete an existing activity via the Bot Framework REST API.
826
+ * DELETE /v3/conversations/{conversationId}/activities/{activityId}
827
+ */
828
+ async function deleteActivityViaRest(params) {
829
+ const { serviceUrl, conversationId, activityId, token } = params;
830
+ const url = `${serviceUrl.replace(/\/+$/, "")}/v3/conversations/${encodeURIComponent(conversationId)}/activities/${encodeURIComponent(activityId)}`;
831
+ const headers = { "User-Agent": buildUserAgent() };
832
+ if (token) headers.Authorization = `Bearer ${token}`;
833
+ const currentFetch = globalThis.fetch;
834
+ const { response, release } = await fetchWithSsrFGuard({
835
+ url,
836
+ fetchImpl: async (input, guardedInit) => await currentFetch(input, guardedInit),
837
+ init: {
838
+ method: "DELETE",
839
+ headers
840
+ },
841
+ auditContext: "msteams-delete-activity"
842
+ });
843
+ try {
844
+ if (!response.ok) {
845
+ const body = await response.text().catch(() => "");
846
+ throw Object.assign(/* @__PURE__ */ new Error(`deleteActivity failed: HTTP ${response.status} ${body}`), { statusCode: response.status });
847
+ }
848
+ } finally {
849
+ await release();
850
+ }
851
+ }
852
+ /**
853
+ * Build a CloudAdapter-compatible adapter using the Teams SDK REST client.
854
+ *
855
+ * This replaces the previous CloudAdapter from @microsoft/agents-hosting.
856
+ * For incoming requests: the App's HTTP server handles JWT validation.
857
+ * For proactive sends: uses the Bot Framework REST API via
858
+ * @microsoft/teams.api Client.
859
+ */
860
+ function createMSTeamsAdapter(app, sdk) {
861
+ return {
862
+ async continueConversation(_appId, reference, logic) {
863
+ const serviceUrl = reference.serviceUrl;
864
+ if (!serviceUrl) throw new Error("Missing serviceUrl in conversation reference");
865
+ const conversationId = reference.conversation?.id;
866
+ if (!conversationId) throw new Error("Missing conversation.id in conversation reference");
867
+ const tenantId = reference.tenantId ?? reference.conversation?.tenantId;
868
+ const recipientAadObjectId = reference.aadObjectId ?? reference.user?.aadObjectId;
869
+ const recipientId = reference.user?.id;
870
+ await logic(createSendContext({
871
+ sdk,
872
+ serviceUrl,
873
+ conversationId,
874
+ conversationType: reference.conversation?.conversationType,
875
+ bot: reference.agent ?? void 0,
876
+ getToken: createBotTokenGetter(app),
877
+ tenantId,
878
+ recipientId,
879
+ recipientAadObjectId
880
+ }));
881
+ },
882
+ async process(req, res, logic) {
883
+ const request = req;
884
+ const response = res;
885
+ const activity = request.body;
886
+ const isInvoke = activity?.type === "invoke";
887
+ try {
888
+ const context = createProcessContext({
889
+ sdk,
890
+ activity,
891
+ getToken: createBotTokenGetter(app)
892
+ });
893
+ if (isInvoke) response.status(200).send();
894
+ await logic(context);
895
+ if (!isInvoke) response.status(200).send();
896
+ } catch (err) {
897
+ if (!isInvoke) response.status(500).send({ error: formatUnknownError(err) });
898
+ }
899
+ },
900
+ async updateActivity(_context, _activity) {},
901
+ async deleteActivity(_context, _reference) {}
902
+ };
903
+ }
904
+ async function loadMSTeamsSdkWithAuth(creds) {
905
+ const sdk = await loadMSTeamsSdk();
906
+ return {
907
+ sdk,
908
+ app: await createMSTeamsApp(creds, sdk)
909
+ };
910
+ }
911
+ /**
912
+ * Bot Framework issuer → JWKS mapping.
913
+ * During Microsoft's transition, inbound service tokens can be signed by either
914
+ * the legacy Bot Framework issuer or the Entra issuer. Each gets its own JWKS
915
+ * endpoint so we verify signatures with the correct key set.
916
+ */
917
+ const BOT_FRAMEWORK_ISSUERS = [
918
+ {
919
+ issuer: "https://api.botframework.com",
920
+ jwksUri: "https://login.botframework.com/v1/.well-known/keys"
921
+ },
922
+ {
923
+ issuer: (tenantId) => `https://login.microsoftonline.com/${tenantId}/v2.0`,
924
+ jwksUri: "https://login.microsoftonline.com/common/discovery/v2.0/keys"
925
+ },
926
+ {
927
+ issuer: (tenantId) => `https://sts.windows.net/${tenantId}/`,
928
+ jwksUri: "https://login.microsoftonline.com/common/discovery/v2.0/keys"
929
+ }
930
+ ];
931
+ const BOT_FRAMEWORK_GLOBAL_AUDIENCE = "https://api.botframework.com";
932
+ function isJwtPayloadObject(value) {
933
+ return !!value && typeof value === "object" && !Array.isArray(value);
934
+ }
935
+ function getAudienceClaims(payload) {
936
+ if (!isJwtPayloadObject(payload)) return [];
937
+ const audience = payload.aud;
938
+ if (typeof audience === "string") {
939
+ const trimmed = audience.trim();
940
+ return trimmed ? [trimmed] : [];
941
+ }
942
+ if (Array.isArray(audience)) return audience.filter((value) => typeof value === "string").map((value) => value.trim()).filter(Boolean);
943
+ return [];
944
+ }
945
+ function normalizeBotIdentityClaim(value) {
946
+ if (typeof value !== "string") return null;
947
+ return value.trim().toLowerCase() || null;
948
+ }
949
+ function hasExpectedBotIdentity(payload, expectedAppId) {
950
+ if (!isJwtPayloadObject(payload)) return false;
951
+ const expected = normalizeBotIdentityClaim(expectedAppId);
952
+ if (!expected) return false;
953
+ return normalizeBotIdentityClaim(payload.appid) === expected || normalizeBotIdentityClaim(payload.azp) === expected;
954
+ }
955
+ let botFrameworkJwtDepsPromise = null;
956
+ async function loadBotFrameworkJwtDeps() {
957
+ botFrameworkJwtDepsPromise ??= Promise.all([import("./jsonwebtoken-Sog-1-qI.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1)), import("./src-DLwmDvJ4.js").then((m) => /* @__PURE__ */ __toESM(m.default, 1))]).then(([jwt, { JwksClient }]) => ({
958
+ jwt,
959
+ JwksClient
960
+ }));
961
+ return botFrameworkJwtDepsPromise;
962
+ }
963
+ /**
964
+ * Create a Bot Framework JWT validator using jsonwebtoken + jwks-rsa directly.
965
+ *
966
+ * The @microsoft/teams.apps JwtValidator hardcodes audience to [clientId, api://clientId],
967
+ * which rejects valid Bot Framework tokens that carry aud: "https://api.botframework.com".
968
+ * This implementation uses jsonwebtoken directly with the correct audience list, matching
969
+ * the behavior of the legacy @microsoft/agents-hosting authorizeJWT middleware.
970
+ *
971
+ * Security invariants:
972
+ * - signature verification via issuer-specific JWKS endpoints
973
+ * - audience validation: appId, api://appId, and https://api.botframework.com
974
+ * - issuer validation: strict allowlist (Bot Framework + tenant-scoped Entra)
975
+ * - expiration validation with 5-minute clock tolerance
976
+ */
977
+ async function createBotFrameworkJwtValidator(creds) {
978
+ const { jwt, JwksClient } = await loadBotFrameworkJwtDeps();
979
+ const allowedAudiences = [
980
+ creds.appId,
981
+ `api://${creds.appId}`,
982
+ BOT_FRAMEWORK_GLOBAL_AUDIENCE
983
+ ];
984
+ const allowedIssuers = BOT_FRAMEWORK_ISSUERS.map((entry) => typeof entry.issuer === "function" ? entry.issuer(creds.tenantId) : entry.issuer);
985
+ const jwksClients = /* @__PURE__ */ new Map();
986
+ function getJwksClient(uri) {
987
+ let client = jwksClients.get(uri);
988
+ if (!client) {
989
+ client = new JwksClient({
990
+ jwksUri: uri,
991
+ cache: true,
992
+ cacheMaxAge: 6e5,
993
+ rateLimit: true
994
+ });
995
+ jwksClients.set(uri, client);
996
+ }
997
+ return client;
998
+ }
999
+ /** Decode the token header without verification to determine the kid. */
1000
+ function decodeHeader(token) {
1001
+ const decoded = jwt.decode(token, { complete: true });
1002
+ return decoded && typeof decoded === "object" ? decoded.header : null;
1003
+ }
1004
+ /** Resolve the issuer entry for a token's issuer claim (pre-verification). */
1005
+ function resolveIssuerEntry(issuerClaim) {
1006
+ if (!issuerClaim) return;
1007
+ return BOT_FRAMEWORK_ISSUERS.find((entry) => {
1008
+ return (typeof entry.issuer === "function" ? entry.issuer(creds.tenantId) : entry.issuer) === issuerClaim;
1009
+ });
1010
+ }
1011
+ return { async validate(authHeader, _serviceUrl) {
1012
+ const token = authHeader.startsWith("Bearer ") ? authHeader.slice(7) : authHeader;
1013
+ if (!token) return false;
1014
+ const header = decodeHeader(token);
1015
+ const unverifiedPayload = jwt.decode(token);
1016
+ if (!header?.kid || !isJwtPayloadObject(unverifiedPayload) || typeof unverifiedPayload.iss !== "string") return false;
1017
+ const issuerEntry = resolveIssuerEntry(unverifiedPayload.iss);
1018
+ if (!issuerEntry) return false;
1019
+ const client = getJwksClient(issuerEntry.jwksUri);
1020
+ try {
1021
+ const publicKey = (await client.getSigningKey(header.kid)).getPublicKey();
1022
+ const verifiedPayload = jwt.verify(token, publicKey, {
1023
+ audience: allowedAudiences,
1024
+ issuer: allowedIssuers,
1025
+ algorithms: ["RS256"],
1026
+ clockTolerance: 300
1027
+ });
1028
+ if (!isJwtPayloadObject(verifiedPayload)) return false;
1029
+ if (getAudienceClaims(verifiedPayload).includes(BOT_FRAMEWORK_GLOBAL_AUDIENCE) && !hasExpectedBotIdentity(verifiedPayload, creds.appId)) return false;
1030
+ return true;
1031
+ } catch {
1032
+ return false;
1033
+ }
1034
+ } };
1035
+ }
1036
+ //#endregion
1037
+ //#region extensions/msteams/src/token-response.ts
1038
+ function readAccessToken(value) {
1039
+ if (typeof value === "string") return value;
1040
+ if (value && typeof value === "object") {
1041
+ const token = value.accessToken ?? value.token;
1042
+ return typeof token === "string" ? token : null;
1043
+ }
1044
+ return null;
1045
+ }
1046
+ //#endregion
1047
+ //#region extensions/msteams/src/storage.ts
1048
+ function resolveMSTeamsStorePath(params) {
1049
+ if (params.storePath) return params.storePath;
1050
+ if (params.stateDir) return path.join(params.stateDir, params.filename);
1051
+ const env = params.env ?? process.env;
1052
+ const stateDir = params.homedir ? getMSTeamsRuntime().state.resolveStateDir(env, params.homedir) : getMSTeamsRuntime().state.resolveStateDir(env);
1053
+ return path.join(stateDir, params.filename);
1054
+ }
1055
+ //#endregion
1056
+ //#region extensions/msteams/src/token.ts
1057
+ function resolveAuthType(cfg) {
1058
+ const fromCfg = cfg?.authType;
1059
+ if (fromCfg === "secret" || fromCfg === "federated") return fromCfg;
1060
+ if (process.env.MSTEAMS_AUTH_TYPE === "federated") return "federated";
1061
+ return "secret";
1062
+ }
1063
+ function hasConfiguredMSTeamsCredentials(cfg) {
1064
+ const authType = resolveAuthType(cfg);
1065
+ const hasAppId = Boolean(normalizeSecretInputString(cfg?.appId) || normalizeSecretInputString(process.env.MSTEAMS_APP_ID));
1066
+ const hasTenantId = Boolean(normalizeSecretInputString(cfg?.tenantId) || normalizeSecretInputString(process.env.MSTEAMS_TENANT_ID));
1067
+ if (authType === "federated") {
1068
+ const hasCert = Boolean(cfg?.certificatePath || process.env.MSTEAMS_CERTIFICATE_PATH);
1069
+ const hasManagedIdentity = cfg?.useManagedIdentity ?? process.env.MSTEAMS_USE_MANAGED_IDENTITY === "true";
1070
+ return hasAppId && hasTenantId && (hasCert || hasManagedIdentity);
1071
+ }
1072
+ return Boolean(normalizeSecretInputString(cfg?.appId) && hasConfiguredSecretInput(cfg?.appPassword) && normalizeSecretInputString(cfg?.tenantId));
1073
+ }
1074
+ function resolveMSTeamsCredentials(cfg) {
1075
+ const authType = resolveAuthType(cfg);
1076
+ const appId = normalizeSecretInputString(cfg?.appId) || normalizeSecretInputString(process.env.MSTEAMS_APP_ID);
1077
+ const tenantId = normalizeSecretInputString(cfg?.tenantId) || normalizeSecretInputString(process.env.MSTEAMS_TENANT_ID);
1078
+ if (!appId || !tenantId) return;
1079
+ if (authType === "federated") {
1080
+ const certificatePath = cfg?.certificatePath || process.env.MSTEAMS_CERTIFICATE_PATH || void 0;
1081
+ const certificateThumbprint = cfg?.certificateThumbprint || process.env.MSTEAMS_CERTIFICATE_THUMBPRINT || void 0;
1082
+ const useManagedIdentity = cfg?.useManagedIdentity ?? process.env.MSTEAMS_USE_MANAGED_IDENTITY === "true";
1083
+ const managedIdentityClientId = cfg?.managedIdentityClientId || process.env.MSTEAMS_MANAGED_IDENTITY_CLIENT_ID || void 0;
1084
+ if (!certificatePath && !useManagedIdentity) return;
1085
+ return {
1086
+ type: "federated",
1087
+ appId,
1088
+ tenantId,
1089
+ certificatePath,
1090
+ certificateThumbprint,
1091
+ useManagedIdentity: useManagedIdentity || void 0,
1092
+ managedIdentityClientId
1093
+ };
1094
+ }
1095
+ const appPassword = normalizeResolvedSecretInputString({
1096
+ value: cfg?.appPassword,
1097
+ path: "channels.msteams.appPassword"
1098
+ }) || normalizeSecretInputString(process.env.MSTEAMS_APP_PASSWORD);
1099
+ if (!appPassword) return;
1100
+ return {
1101
+ type: "secret",
1102
+ appId,
1103
+ appPassword,
1104
+ tenantId
1105
+ };
1106
+ }
1107
+ const DELEGATED_TOKEN_FILENAME = "msteams-delegated.json";
1108
+ function resolveDelegatedTokenPath() {
1109
+ return resolveMSTeamsStorePath({ filename: DELEGATED_TOKEN_FILENAME });
1110
+ }
1111
+ function loadDelegatedTokens() {
1112
+ try {
1113
+ const content = readFileSync(resolveDelegatedTokenPath(), "utf8");
1114
+ return JSON.parse(content);
1115
+ } catch {
1116
+ return;
1117
+ }
1118
+ }
1119
+ function saveDelegatedTokens(tokens) {
1120
+ const tokenPath = resolveDelegatedTokenPath();
1121
+ mkdirSync(dirname(tokenPath), { recursive: true });
1122
+ writeFileSync(tokenPath, JSON.stringify(tokens, null, 2), "utf8");
1123
+ }
1124
+ async function resolveDelegatedAccessToken(params) {
1125
+ const tokens = loadDelegatedTokens();
1126
+ if (!tokens) return;
1127
+ if (tokens.expiresAt > Date.now()) return tokens.accessToken;
1128
+ try {
1129
+ const refreshed = await refreshMSTeamsDelegatedTokens({
1130
+ tenantId: params.tenantId,
1131
+ clientId: params.clientId,
1132
+ clientSecret: params.clientSecret,
1133
+ refreshToken: tokens.refreshToken,
1134
+ scopes: tokens.scopes
1135
+ });
1136
+ saveDelegatedTokens(refreshed);
1137
+ return refreshed.accessToken;
1138
+ } catch {
1139
+ return;
1140
+ }
1141
+ }
1142
+ //#endregion
1143
+ //#region extensions/msteams/src/graph.ts
1144
+ const GRAPH_BETA = "https://graph.microsoft.com/beta";
1145
+ function normalizeQuery(value) {
1146
+ return value?.trim() ?? "";
1147
+ }
1148
+ function escapeOData(value) {
1149
+ return value.replace(/'/g, "''");
1150
+ }
1151
+ async function requestGraph(params) {
1152
+ const hasBody = params.body !== void 0;
1153
+ const res = await fetch(`${params.root ?? "https://graph.microsoft.com/v1.0"}${params.path}`, {
1154
+ method: params.method,
1155
+ headers: {
1156
+ "User-Agent": buildUserAgent(),
1157
+ Authorization: `Bearer ${params.token}`,
1158
+ ...hasBody ? { "Content-Type": "application/json" } : {},
1159
+ ...params.headers
1160
+ },
1161
+ body: hasBody ? JSON.stringify(params.body) : void 0
1162
+ });
1163
+ if (!res.ok) {
1164
+ const text = await res.text().catch(() => "");
1165
+ throw new Error(`${params.errorPrefix ?? "Graph"} ${params.path} failed (${res.status}): ${text || "unknown error"}`);
1166
+ }
1167
+ return res;
1168
+ }
1169
+ async function readOptionalGraphJson(res) {
1170
+ if (res.status === 204 || res.headers?.get?.("content-length") === "0") return;
1171
+ return await res.json();
1172
+ }
1173
+ async function fetchGraphJson(params) {
1174
+ return await readOptionalGraphJson(await requestGraph({
1175
+ token: params.token,
1176
+ path: params.path,
1177
+ method: params.method,
1178
+ body: params.body,
1179
+ headers: params.headers
1180
+ }));
1181
+ }
1182
+ /**
1183
+ * Fetch JSON from an absolute Graph API URL (for example @odata.nextLink
1184
+ * pagination URLs) without prepending GRAPH_ROOT.
1185
+ */
1186
+ async function fetchGraphAbsoluteUrl(params) {
1187
+ const { response, release } = await fetchWithSsrFGuard({
1188
+ url: params.url,
1189
+ init: { headers: {
1190
+ "User-Agent": buildUserAgent(),
1191
+ Authorization: `Bearer ${params.token}`,
1192
+ ...params.headers
1193
+ } },
1194
+ auditContext: "msteams.graph.absolute"
1195
+ });
1196
+ try {
1197
+ if (!response.ok) {
1198
+ const text = await response.text().catch(() => "");
1199
+ throw new Error(`Graph ${params.url} failed (${response.status}): ${text || "unknown error"}`);
1200
+ }
1201
+ return await response.json();
1202
+ } finally {
1203
+ await release();
1204
+ }
1205
+ }
1206
+ /**
1207
+ * Fetch all pages of a Graph API collection, following @odata.nextLink.
1208
+ * Optionally stop early when `findOne` matches an item.
1209
+ */
1210
+ async function fetchAllGraphPages(params) {
1211
+ const maxPages = params.maxPages ?? 50;
1212
+ const items = [];
1213
+ let nextPath = params.path;
1214
+ for (let page = 0; page < maxPages && nextPath; page++) {
1215
+ const res = await fetchGraphJson({
1216
+ token: params.token,
1217
+ path: nextPath,
1218
+ headers: params.headers
1219
+ });
1220
+ const pageItems = res.value ?? [];
1221
+ if (params.findOne) {
1222
+ const match = pageItems.find(params.findOne);
1223
+ if (match) {
1224
+ items.push(...pageItems);
1225
+ return {
1226
+ items,
1227
+ truncated: false,
1228
+ found: match
1229
+ };
1230
+ }
1231
+ }
1232
+ items.push(...pageItems);
1233
+ const rawNext = res["@odata.nextLink"];
1234
+ if (rawNext) nextPath = rawNext.replace("https://graph.microsoft.com/v1.0", "").replace("https://graph.microsoft.com/beta", "");
1235
+ else nextPath = void 0;
1236
+ }
1237
+ return {
1238
+ items,
1239
+ truncated: Boolean(nextPath)
1240
+ };
1241
+ }
1242
+ async function resolveGraphToken(cfg, options) {
1243
+ const msteamsCfg = cfg?.channels?.msteams;
1244
+ const creds = resolveMSTeamsCredentials(msteamsCfg);
1245
+ if (!creds) throw new Error("MS Teams credentials missing");
1246
+ if (options?.preferDelegated && msteamsCfg?.delegatedAuth?.enabled && creds.type === "secret") {
1247
+ const delegated = await resolveDelegatedAccessToken({
1248
+ tenantId: creds.tenantId,
1249
+ clientId: creds.appId,
1250
+ clientSecret: creds.appPassword
1251
+ });
1252
+ if (delegated) return delegated;
1253
+ }
1254
+ const { app } = await loadMSTeamsSdkWithAuth(creds);
1255
+ const accessToken = readAccessToken(await createMSTeamsTokenProvider(app).getAccessToken("https://graph.microsoft.com"));
1256
+ if (!accessToken) throw new Error("MS Teams graph token unavailable");
1257
+ return accessToken;
1258
+ }
1259
+ async function listTeamsByName(token, query) {
1260
+ const filter = `resourceProvisioningOptions/Any(x:x eq 'Team') and startsWith(displayName,'${escapeOData(query)}')`;
1261
+ const { items } = await fetchAllGraphPages({
1262
+ token,
1263
+ path: `/groups?$filter=${encodeURIComponent(filter)}&$select=id,displayName`,
1264
+ maxPages: 5
1265
+ });
1266
+ return items;
1267
+ }
1268
+ async function postGraphJson(params) {
1269
+ return readOptionalGraphJson(await requestGraph({
1270
+ token: params.token,
1271
+ path: params.path,
1272
+ method: "POST",
1273
+ body: params.body,
1274
+ errorPrefix: "Graph POST"
1275
+ }));
1276
+ }
1277
+ async function postGraphBetaJson(params) {
1278
+ return readOptionalGraphJson(await requestGraph({
1279
+ token: params.token,
1280
+ path: params.path,
1281
+ method: "POST",
1282
+ root: GRAPH_BETA,
1283
+ body: params.body,
1284
+ errorPrefix: "Graph beta POST"
1285
+ }));
1286
+ }
1287
+ async function deleteGraphRequest(params) {
1288
+ await requestGraph({
1289
+ token: params.token,
1290
+ path: params.path,
1291
+ method: "DELETE",
1292
+ errorPrefix: "Graph DELETE"
1293
+ });
1294
+ }
1295
+ async function patchGraphJson(params) {
1296
+ const res = await requestGraph({
1297
+ token: params.token,
1298
+ path: params.path,
1299
+ method: "PATCH",
1300
+ body: params.body,
1301
+ errorPrefix: "Graph PATCH"
1302
+ });
1303
+ if (res.status === 204 || res.headers.get("content-length") === "0") return;
1304
+ return await res.json();
1305
+ }
1306
+ async function listChannelsForTeam(token, teamId) {
1307
+ const { items } = await fetchAllGraphPages({
1308
+ token,
1309
+ path: `/teams/${encodeURIComponent(teamId)}/channels?$select=id,displayName`,
1310
+ maxPages: 10
1311
+ });
1312
+ return items;
1313
+ }
1314
+ //#endregion
1315
+ //#region extensions/msteams/src/graph-users.ts
1316
+ async function searchGraphUsers(params) {
1317
+ const query = params.query.trim();
1318
+ if (!query) return [];
1319
+ if (query.includes("@")) {
1320
+ const escaped = escapeOData(query);
1321
+ const filter = `(mail eq '${escaped}' or userPrincipalName eq '${escaped}')`;
1322
+ const path = `/users?$filter=${encodeURIComponent(filter)}&$select=id,displayName,mail,userPrincipalName`;
1323
+ return (await fetchGraphJson({
1324
+ token: params.token,
1325
+ path
1326
+ })).value ?? [];
1327
+ }
1328
+ const top = typeof params.top === "number" && params.top > 0 ? params.top : 10;
1329
+ const path = `/users?$search=${encodeURIComponent(`"displayName:${query}"`)}&$select=id,displayName,mail,userPrincipalName&$top=${top}`;
1330
+ return (await fetchGraphJson({
1331
+ token: params.token,
1332
+ path,
1333
+ headers: { ConsistencyLevel: "eventual" }
1334
+ })).value ?? [];
1335
+ }
1336
+ //#endregion
1337
+ export { GRAPH_ROOT as A, isUrlAllowed as B, buildUserAgent as C, formatUnknownError as D, formatMSTeamsSendErrorHint as E, extractHtmlFromAttachment as F, resolveRequestUrl as G, readNestedString as H, extractInlineImageCandidates as I, tryBuildGraphSharesUrlForSharedLink as J, safeFetchWithPolicy as K, inferPlaceholder as L, applyAuthorizationHeaderForUrl as M, encodeGraphShareId as N, isRevokedProxyError as O, estimateBase64DecodedBytes as P, isDownloadableAttachment as R, loadMSTeamsSdkWithAuth as S, classifyMSTeamsSendError as T, resolveAttachmentFetchPolicy as U, normalizeContentType as V, resolveMediaSsrfPolicy as W, resolveMSTeamsStorePath as _, fetchGraphJson as a, createMSTeamsAdapter as b, normalizeQuery as c, postGraphJson as d, resolveGraphToken as f, saveDelegatedTokens as g, resolveMSTeamsCredentials as h, fetchGraphAbsoluteUrl as i, IMG_SRC_RE as j, ATTACHMENT_TAG_RE as k, patchGraphJson as l, loadDelegatedTokens as m, deleteGraphRequest as n, listChannelsForTeam as o, hasConfiguredMSTeamsCredentials as p, safeHostForUrl as q, escapeOData as r, listTeamsByName as s, searchGraphUsers as t, postGraphBetaJson as u, readAccessToken as v, ensureUserAgentHeader as w, createMSTeamsTokenProvider as x, createBotFrameworkJwtValidator as y, isLikelyImageAttachment as z };