@polpo-ai/server 0.2.2

package/dist/routes/vault.js

@@ -0,0 +1,237 @@
+/**
+ * Vault REST API — direct CRUD for encrypted vault entries.
+ *
+ * POST /vault/entries — Save a vault entry (used by UI after vault_preview confirm)
+ * DELETE /vault/entries/:agent/:service — Remove a vault entry
+ *
+ * This bypasses the LLM entirely — credentials go straight to the encrypted store.
+ * No credentials are logged, persisted in session history, or returned in responses.
+ */
+import { OpenAPIHono, createRoute, z } from "@hono/zod-openapi";
+export function vaultRoutes(getDeps) {
+    const app = new OpenAPIHono();
+    // POST /vault/entries — save a vault entry
+    const saveEntryRoute = createRoute({
+        method: "post",
+        path: "/entries",
+        tags: ["Vault"],
+        summary: "Save vault entry",
+        description: "Save credentials to the encrypted vault store. Credentials are encrypted at rest (AES-256-GCM) and never logged or persisted in chat history.",
+        request: {
+            body: {
+                content: {
+                    "application/json": {
+                        schema: z.object({
+                            agent: z.string().min(1).describe("Agent name"),
+                            service: z.string().min(1).describe("Service name (vault key)"),
+                            type: z.enum(["smtp", "imap", "oauth", "api_key", "login", "custom"]).describe("Credential type"),
+                            label: z.string().optional().describe("Human-readable label"),
+                            credentials: z.record(z.string(), z.string()).describe("Key-value credential fields"),
+                        }),
+                    },
+                },
+            },
+        },
+        responses: {
+            200: {
+                content: {
+                    "application/json": {
+                        schema: z.object({
+                            ok: z.boolean(),
+                            data: z.object({
+                                agent: z.string(),
+                                service: z.string(),
+                                type: z.string(),
+                                keys: z.array(z.string()),
+                            }),
+                        }),
+                    },
+                },
+                description: "Vault entry saved successfully",
+            },
+            503: {
+                content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string() }) } },
+                description: "Vault store not available",
+            },
+        },
+    });
+    app.openapi(saveEntryRoute, async (c) => {
+        const { vaultStore } = getDeps();
+        if (!vaultStore) {
+            return c.json({ ok: false, error: "Vault store not available. Check POLPO_VAULT_KEY or ~/.polpo/vault.key." }, 503);
+        }
+        const body = c.req.valid("json");
+        const entry = {
+            type: body.type,
+            ...(body.label ? { label: body.label } : {}),
+            credentials: body.credentials,
+        };
+        await vaultStore.set(body.agent, body.service, entry);
+        // Return only metadata — NEVER return credential values
+        return c.json({
+            ok: true,
+            data: {
+                agent: body.agent,
+                service: body.service,
+                type: body.type,
+                keys: Object.keys(body.credentials),
+            },
+        }, 200);
+    });
+    // GET /vault/entries/:agent — list vault entries (metadata only, no credential values)
+    const listEntriesRoute = createRoute({
+        method: "get",
+        path: "/entries/{agent}",
+        tags: ["Vault"],
+        summary: "List vault entries",
+        description: "Returns metadata (service name, type, label, credential key names) without any secret values.",
+        request: {
+            params: z.object({
+                agent: z.string(),
+            }),
+        },
+        responses: {
+            200: {
+                content: {
+                    "application/json": {
+                        schema: z.object({
+                            ok: z.boolean(),
+                            data: z.array(z.object({
+                                service: z.string(),
+                                type: z.enum(["smtp", "imap", "oauth", "api_key", "login", "custom"]),
+                                label: z.string().optional(),
+                                keys: z.array(z.string()),
+                            })),
+                        }),
+                    },
+                },
+                description: "Vault entries metadata for the agent",
+            },
+            503: {
+                content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string() }) } },
+                description: "Vault store not available",
+            },
+        },
+    });
+    app.openapi(listEntriesRoute, async (c) => {
+        const { vaultStore } = getDeps();
+        if (!vaultStore) {
+            return c.json({ ok: false, error: "Vault store not available. Check POLPO_VAULT_KEY or ~/.polpo/vault.key." }, 503);
+        }
+        const { agent } = c.req.valid("param");
+        const entries = await vaultStore.list(agent);
+        return c.json({ ok: true, data: entries }, 200);
+    });
+    // PATCH /vault/entries/:agent/:service — partially update credentials
+    const patchEntryRoute = createRoute({
+        method: "patch",
+        path: "/entries/{agent}/{service}",
+        tags: ["Vault"],
+        summary: "Update vault credentials",
+        description: "Partially update credential fields in an existing vault entry. Only the provided fields are merged — existing fields are preserved. Optionally update type and label.",
+        request: {
+            params: z.object({
+                agent: z.string(),
+                service: z.string(),
+            }),
+            body: {
+                content: {
+                    "application/json": {
+                        schema: z.object({
+                            type: z.enum(["smtp", "imap", "oauth", "api_key", "login", "custom"]).optional().describe("Update credential type"),
+                            label: z.string().optional().describe("Update human-readable label"),
+                            credentials: z.record(z.string(), z.string()).optional().describe("Credential fields to add or update (merged with existing)"),
+                        }),
+                    },
+                },
+            },
+        },
+        responses: {
+            200: {
+                content: {
+                    "application/json": {
+                        schema: z.object({
+                            ok: z.boolean(),
+                            data: z.object({
+                                agent: z.string(),
+                                service: z.string(),
+                                type: z.string(),
+                                keys: z.array(z.string()),
+                            }),
+                        }),
+                    },
+                },
+                description: "Vault entry updated successfully",
+            },
+            404: {
+                content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string() }) } },
+                description: "Vault entry not found",
+            },
+            503: {
+                content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string() }) } },
+                description: "Vault store not available",
+            },
+        },
+    });
+    app.openapi(patchEntryRoute, async (c) => {
+        const { vaultStore } = getDeps();
+        if (!vaultStore) {
+            return c.json({ ok: false, error: "Vault store not available. Check POLPO_VAULT_KEY or ~/.polpo/vault.key." }, 503);
+        }
+        const { agent, service } = c.req.valid("param");
+        const existing = await vaultStore.get(agent, service);
+        if (!existing) {
+            return c.json({ ok: false, error: `No vault entry "${service}" for agent "${agent}".` }, 404);
+        }
+        const body = c.req.valid("json");
+        const mergedKeys = await vaultStore.patch(agent, service, {
+            type: body.type,
+            label: body.label,
+            credentials: body.credentials,
+        });
+        const updated = (await vaultStore.get(agent, service));
+        return c.json({
+            ok: true,
+            data: {
+                agent,
+                service,
+                type: updated.type,
+                keys: mergedKeys,
+            },
+        }, 200);
+    });
+    // DELETE /vault/entries/:agent/:service — remove a vault entry
+    const deleteEntryRoute = createRoute({
+        method: "delete",
+        path: "/entries/{agent}/{service}",
+        tags: ["Vault"],
+        summary: "Remove vault entry",
+        request: {
+            params: z.object({
+                agent: z.string(),
+                service: z.string(),
+            }),
+        },
+        responses: {
+            200: {
+                content: { "application/json": { schema: z.object({ ok: z.boolean(), data: z.object({ removed: z.boolean() }) }) } },
+                description: "Result",
+            },
+            503: {
+                content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string() }) } },
+                description: "Vault store not available",
+            },
+        },
+    });
+    app.openapi(deleteEntryRoute, async (c) => {
+        const { vaultStore } = getDeps();
+        if (!vaultStore) {
+            return c.json({ ok: false, error: "Vault store not available." }, 503);
+        }
+        const { agent, service } = c.req.valid("param");
+        const removed = await vaultStore.remove(agent, service);
+        return c.json({ ok: true, data: { removed } }, 200);
+    });
+    return app;
+}
+//# sourceMappingURL=vault.js.map

package/dist/routes/vault.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vault.js","sourceRoot":"","sources":["../../src/routes/vault.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,mBAAmB,CAAC;AAGhE,MAAM,UAAU,WAAW,CAAC,OAAmC;IAC7D,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;IAE9B,2CAA2C;IAC3C,MAAM,cAAc,GAAG,WAAW,CAAC;QACjC,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,UAAU;QAChB,IAAI,EAAE,CAAC,OAAO,CAAC;QACf,OAAO,EAAE,kBAAkB;QAC3B,WAAW,EAAE,+IAA+I;QAC5J,OAAO,EAAE;YACP,IAAI,EAAE;gBACJ,OAAO,EAAE;oBACP,kBAAkB,EAAE;wBAClB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;4BACf,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;4BAC/C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,0BAA0B,CAAC;4BAC/D,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,iBAAiB,CAAC;4BACjG,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,sBAAsB,CAAC;4BAC7D,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC;yBACtF,CAAC;qBACH;iBACF;aACF;SACF;QACD,SAAS,EAAE;YACT,GAAG,EAAE;gBACH,OAAO,EAAE;oBACP,kBAAkB,EAAE;wBAClB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;4BACf,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE;4BACf,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gCACb,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;gCACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;gCACnB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;gCAChB,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;6BAC1B,CAAC;yBACH,CAAC;qBACH;iBACF;gBACD,WAAW,EAAE,gCAAgC;aAC9C;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC7F,WAAW,EAAE,2BAA2B;aACzC;SACF;KACF,CAAC,CAAC;IAEH,GAAG,CAAC,OAAO,CAAC,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACtC,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,yEAAyE,EAAE,EAAE,GAAG,CAAC,CAAC;QACtH,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,KAAK,GAAe;YACxB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5C,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;QAEF,MAAM,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAEtD,wDAAwD;QACxD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,IAAI;YACR,IAAI,EAAE;gBACJ,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC;aACpC;SACF,EAAE,GAAG,CAAC,CAAC;IACV,CAAC,CAAC,CAAC;IAEH,uFAAuF;IACvF,MAAM,gBAAgB,GAAG,WAAW,CAAC;QACnC,MAAM,EAAE,KAAK;QACb,IAAI,EAAE,kBAAkB;QACxB,IAAI,EAAE,CAAC,OAAO,CAAC;QACf,OAAO,EAAE,oBAAoB;QAC7B,WAAW,EAAE,+FAA+F;QAC5G,OAAO,EAAE;YACP,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;gBACf,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;aAClB,CAAC;SACH;QACD,SAAS,EAAE;YACT,GAAG,EAAE;gBACH,OAAO,EAAE;oBACP,kBAAkB,EAAE;wBAClB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;4BACf,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE;4BACf,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC;gCACrB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;gCACnB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;gCACrE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;gCAC5B,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;6BAC1B,CAAC,CAAC;yBACJ,CAAC;qBACH;iBACF;gBACD,WAAW,EAAE,sCAAsC;aACpD;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC7F,WAAW,EAAE,2BAA2B;aACzC;SACF;KACF,CAAC,CAAC;IAEH,GAAG,CAAC,OAAO,CAAC,gBAAgB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxC,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,yEAAyE,EAAE,EAAE,GAAG,CAAC,CAAC;QACtH,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,sEAAsE;IACtE,MAAM,eAAe,GAAG,WAAW,CAAC;QAClC,MAAM,EAAE,OAAO;QACf,IAAI,EAAE,4BAA4B;QAClC,IAAI,EAAE,CAAC,OAAO,CAAC;QACf,OAAO,EAAE,0BAA0B;QACnC,WAAW,EAAE,uKAAuK;QACpL,OAAO,EAAE;YACP,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;gBACf,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;gBACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;aACpB,CAAC;YACF,IAAI,EAAE;gBACJ,OAAO,EAAE;oBACP,kBAAkB,EAAE;wBAClB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;4BACf,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,wBAAwB,CAAC;4BACnH,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;4BACpE,WAAW,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,2DAA2D,CAAC;yBAC/H,CAAC;qBACH;iBACF;aACF;SACF;QACD,SAAS,EAAE;YACT,GAAG,EAAE;gBACH,OAAO,EAAE;oBACP,kBAAkB,EAAE;wBAClB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;4BACf,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE;4BACf,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gCACb,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;gCACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;gCACnB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;gCAChB,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;6BAC1B,CAAC;yBACH,CAAC;qBACH;iBACF;gBACD,WAAW,EAAE,kCAAkC;aAChD;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC7F,WAAW,EAAE,uBAAuB;aACrC;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC7F,WAAW,EAAE,2BAA2B;aACzC;SACF;KACF,CAAC,CAAC;IAEH,GAAG,CAAC,OAAO,CAAC,eAAe,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvC,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,yEAAyE,EAAE,EAAE,GAAG,CAAC,CAAC;QACtH,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACtD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,mBAAmB,OAAO,gBAAgB,KAAK,IAAI,EAAE,EAAE,GAAG,CAAC,CAAC;QAChG,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,EAAE;YACxD,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,CAAC,MAAM,UAAU,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,CAAE,CAAC;QACxD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,IAAI;YACR,IAAI,EAAE;gBACJ,KAAK;gBACL,OAAO;gBACP,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,IAAI,EAAE,UAAU;aACjB;SACF,EAAE,GAAG,CAAC,CAAC;IACV,CAAC,CAAC,CAAC;IAEH,+DAA+D;IAC/D,MAAM,gBAAgB,GAAG,WAAW,CAAC;QACnC,MAAM,EAAE,QAAQ;QAChB,IAAI,EAAE,4BAA4B;QAClC,IAAI,EAAE,CAAC,OAAO,CAAC;QACf,OAAO,EAAE,oBAAoB;QAC7B,OAAO,EAAE;YACP,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;gBACf,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;gBACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;aACpB,CAAC;SACH;QACD,SAAS,EAAE;YACT,GAAG,EAAE;gBACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;gBACpH,WAAW,EAAE,QAAQ;aACtB;YACD,GAAG,EAAE;gBACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;gBAC7F,WAAW,EAAE,2BAA2B;aACzC;SACF;KACF,CAAC,CAAC;IAEH,GAAG,CAAC,OAAO,CAAC,gBAAgB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxC,MAAM,EAAE,UAAU,EAAE,GAAG,OAAO,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,4BAA4B,EAAE,EAAE,GAAG,CAAC,CAAC;QACzE,CAAC;QAED,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,OAAO,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QACxD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/watchers.d.ts

@@ -0,0 +1,6 @@
+import { OpenAPIHono } from "@hono/zod-openapi";
+export declare function watcherRoutes(getDeps: () => {
+    getWatcherManager: () => any;
+    taskStore: any;
+}): OpenAPIHono;
+//# sourceMappingURL=watchers.d.ts.map

package/dist/routes/watchers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"watchers.d.ts","sourceRoot":"","sources":["../../src/routes/watchers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AA4EhE,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM;IAC3C,iBAAiB,EAAE,MAAM,GAAG,CAAC;IAC7B,SAAS,EAAE,GAAG,CAAC;CAChB,GAAG,WAAW,CAuDd"}

package/dist/routes/watchers.js

@@ -0,0 +1,119 @@
+import { OpenAPIHono, createRoute, z } from "@hono/zod-openapi";
+// ── Route definitions ─────────────────────────────────────────────────
+const listWatchersRoute = createRoute({
+    method: "get",
+    path: "/",
+    tags: ["Watchers"],
+    summary: "List watchers",
+    request: {
+        query: z.object({
+            active: z.string().optional(),
+        }),
+    },
+    responses: {
+        200: {
+            content: { "application/json": { schema: z.object({ ok: z.boolean(), data: z.array(z.any()) }) } },
+            description: "List of watchers",
+        },
+    },
+});
+const createWatcherRoute = createRoute({
+    method: "post",
+    path: "/",
+    tags: ["Watchers"],
+    summary: "Create watcher",
+    request: {
+        body: {
+            content: {
+                "application/json": {
+                    schema: z.object({
+                        taskId: z.string().min(1),
+                        targetStatus: z.enum(["pending", "assigned", "in_progress", "review", "done", "failed", "awaiting_approval"]),
+                        action: z.object({
+                            type: z.string().min(1),
+                        }).passthrough(),
+                    }),
+                },
+            },
+        },
+    },
+    responses: {
+        201: {
+            content: { "application/json": { schema: z.object({ ok: z.boolean(), data: z.any() }) } },
+            description: "Watcher created",
+        },
+        400: {
+            content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string(), code: z.string() }) } },
+            description: "Watcher manager unavailable or task not found",
+        },
+    },
+});
+const deleteWatcherRoute = createRoute({
+    method: "delete",
+    path: "/{watcherId}",
+    tags: ["Watchers"],
+    summary: "Delete watcher",
+    request: {
+        params: z.object({ watcherId: z.string() }),
+    },
+    responses: {
+        200: {
+            content: { "application/json": { schema: z.object({ ok: z.boolean(), data: z.object({ deleted: z.boolean() }) }) } },
+            description: "Watcher deleted",
+        },
+        404: {
+            content: { "application/json": { schema: z.object({ ok: z.boolean(), error: z.string(), code: z.string() }) } },
+            description: "Watcher not found",
+        },
+    },
+});
+// ── Route handlers ────────────────────────────────────────────────────
+export function watcherRoutes(getDeps) {
+    const app = new OpenAPIHono();
+    // GET /watchers — list watchers
+    app.openapi(listWatchersRoute, (c) => {
+        const deps = getDeps();
+        const watcherMgr = deps.getWatcherManager();
+        if (!watcherMgr) {
+            return c.json({ ok: true, data: [] });
+        }
+        const query = c.req.valid("query");
+        const watchers = query.active === "true" ? watcherMgr.getActive() : watcherMgr.getAll();
+        return c.json({ ok: true, data: watchers });
+    });
+    // POST /watchers — create a watcher
+    app.openapi(createWatcherRoute, async (c) => {
+        const deps = getDeps();
+        const watcherMgr = deps.getWatcherManager();
+        if (!watcherMgr) {
+            return c.json({ ok: false, error: "Watcher manager not available", code: "NOT_AVAILABLE" }, 400);
+        }
+        const body = c.req.valid("json");
+        const task = await deps.taskStore.getTask(body.taskId);
+        if (!task) {
+            return c.json({ ok: false, error: `Task "${body.taskId}" not found`, code: "NOT_FOUND" }, 400);
+        }
+        const watcher = watcherMgr.create({
+            taskId: body.taskId,
+            targetStatus: body.targetStatus,
+            action: body.action,
+        });
+        return c.json({ ok: true, data: watcher }, 201);
+    });
+    // DELETE /watchers/:watcherId — delete a watcher
+    app.openapi(deleteWatcherRoute, (c) => {
+        const deps = getDeps();
+        const watcherMgr = deps.getWatcherManager();
+        if (!watcherMgr) {
+            return c.json({ ok: false, error: "Watcher manager not available", code: "NOT_FOUND" }, 404);
+        }
+        const { watcherId } = c.req.valid("param");
+        const removed = watcherMgr.remove(watcherId);
+        if (!removed) {
+            return c.json({ ok: false, error: `Watcher "${watcherId}" not found`, code: "NOT_FOUND" }, 404);
+        }
+        return c.json({ ok: true, data: { deleted: true } }, 200);
+    });
+    return app;
+}
+//# sourceMappingURL=watchers.js.map

package/dist/routes/watchers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"watchers.js","sourceRoot":"","sources":["../../src/routes/watchers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,mBAAmB,CAAC;AAEhE,yEAAyE;AAEzE,MAAM,iBAAiB,GAAG,WAAW,CAAC;IACpC,MAAM,EAAE,KAAK;IACb,IAAI,EAAE,GAAG;IACT,IAAI,EAAE,CAAC,UAAU,CAAC;IAClB,OAAO,EAAE,eAAe;IACxB,OAAO,EAAE;QACP,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC;YACd,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;SAC9B,CAAC;KACH;IACD,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;YAClG,WAAW,EAAE,kBAAkB;SAChC;KACF;CACF,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,WAAW,CAAC;IACrC,MAAM,EAAE,MAAM;IACd,IAAI,EAAE,GAAG;IACT,IAAI,EAAE,CAAC,UAAU,CAAC;IAClB,OAAO,EAAE,gBAAgB;IACzB,OAAO,EAAE;QACP,IAAI,EAAE;YACJ,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;wBACf,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBACzB,YAAY,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,UAAU,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,mBAAmB,CAAC,CAAC;wBAC7G,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;4BACf,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;yBACxB,CAAC,CAAC,WAAW,EAAE;qBACjB,CAAC;iBACH;aACF;SACF;KACF;IACD,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;YACzF,WAAW,EAAE,iBAAiB;SAC/B;QACD,GAAG,EAAE;YACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;YAC/G,WAAW,EAAE,+CAA+C;SAC7D;KACF;CACF,CAAC,CAAC;AAEH,MAAM,kBAAkB,GAAG,WAAW,CAAC;IACrC,MAAM,EAAE,QAAQ;IAChB,IAAI,EAAE,cAAc;IACpB,IAAI,EAAE,CAAC,UAAU,CAAC;IAClB,OAAO,EAAE,gBAAgB;IACzB,OAAO,EAAE;QACP,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC;KAC5C;IACD,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,CAAC,EAAE,EAAE;YACpH,WAAW,EAAE,iBAAiB;SAC/B;QACD,GAAG,EAAE;YACH,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;YAC/G,WAAW,EAAE,mBAAmB;SACjC;KACF;CACF,CAAC,CAAC;AAEH,yEAAyE;AAEzE,MAAM,UAAU,aAAa,CAAC,OAG7B;IACC,MAAM,GAAG,GAAG,IAAI,WAAW,EAAE,CAAC;IAE9B,gCAAgC;IAChC,GAAG,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC,EAAE,EAAE;QACnC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC5C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACnC,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;QACxF,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,oCAAoC;IACpC,GAAG,CAAC,OAAO,CAAC,kBAAkB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1C,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC5C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,IAAI,EAAE,eAAe,EAAE,EAAE,GAAG,CAAC,CAAC;QACnG,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,IAAI,CAAC,MAAM,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,GAAG,CAAC,CAAC;QACjG,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC;YAChC,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,YAAY,EAAE,IAAI,CAAC,YAAmB;YACtC,MAAM,EAAE,IAAI,CAAC,MAAa;SAC3B,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,iDAAiD;IACjD,GAAG,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE;QACpC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;QACvB,MAAM,UAAU,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC5C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,GAAG,CAAC,CAAC;QAC/F,CAAC;QAED,MAAM,EAAE,SAAS,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC7C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,YAAY,SAAS,aAAa,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,GAAG,CAAC,CAAC;QAClG,CAAC;QACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}