@quanta-intellect/vessel-browser 0.1.88 → 0.1.92

package/out/main/index.js

@@ -6,11 +6,12 @@ const fs = require("fs");
 const crypto$1 = require("crypto");
 const Anthropic = require("@anthropic-ai/sdk");
 const OpenAI = require("openai");
+const http = require("http");
 const path$1 = require("node:path");
 const node_module = require("node:module");
 const zod = require("zod");
 const crypto$2 = require("node:crypto");
-const http = require("node:http");
+const http$1 = require("node:http");
 const os = require("node:os");
 const mcp_js = require("@modelcontextprotocol/sdk/server/mcp.js");
 const streamableHttp_js = require("@modelcontextprotocol/sdk/server/streamableHttp.js");
@@ -77,7 +78,8 @@ const defaults = {
 };
 const SAVE_DEBOUNCE_MS$6 = 150;
 const CHAT_PROVIDER_SECRET_FILENAME = "vessel-chat-provider-secret";
-const logger$k = createLogger("Settings");
+const CODEX_TOKENS_FILENAME = "vessel-codex-tokens";
+const logger$n = createLogger("Settings");
 const SETTABLE_KEYS = new Set(Object.keys(defaults));
 let settings = null;
 let settingsIssues = [];
@@ -115,15 +117,15 @@ function readStoredProviderSecret() {
   return null;
 }
 function writeStoredProviderSecret(secret) {
-  const filePath = getChatProviderSecretPath();
-  fs.mkdirSync(path.dirname(filePath), { recursive: true });
+  const filePath2 = getChatProviderSecretPath();
+  fs.mkdirSync(path.dirname(filePath2), { recursive: true });
   const payload = JSON.stringify(secret);
   if (canUseSafeStorage$1()) {
     const encrypted = electron.safeStorage.encryptString(payload);
-    fs.writeFileSync(filePath, encrypted, { mode: 384 });
+    fs.writeFileSync(filePath2, encrypted, { mode: 384 });
     return;
   }
-  fs.writeFileSync(filePath, payload, { mode: 384 });
+  fs.writeFileSync(filePath2, payload, { mode: 384 });
 }
 function clearStoredProviderSecret() {
   try {
@@ -131,6 +133,38 @@ function clearStoredProviderSecret() {
   } catch {
   }
 }
+function getCodexTokensPath() {
+  return path.join(getUserDataPath(), CODEX_TOKENS_FILENAME);
+}
+function readStoredCodexTokens() {
+  try {
+    const raw = fs.readFileSync(getCodexTokensPath());
+    const decoded = canUseSafeStorage$1() && electron.safeStorage.decryptString ? electron.safeStorage.decryptString(raw) : raw.toString("utf-8");
+    const parsed = JSON.parse(decoded);
+    if (parsed && typeof parsed === "object" && typeof parsed.accessToken === "string" && typeof parsed.refreshToken === "string") {
+      return parsed;
+    }
+  } catch {
+  }
+  return null;
+}
+function writeStoredCodexTokens(tokens) {
+  const filePath2 = getCodexTokensPath();
+  fs.mkdirSync(path.dirname(filePath2), { recursive: true });
+  const payload = JSON.stringify(tokens);
+  if (canUseSafeStorage$1()) {
+    const encrypted = electron.safeStorage.encryptString(payload);
+    fs.writeFileSync(filePath2, encrypted, { mode: 384 });
+    return;
+  }
+  fs.writeFileSync(filePath2, payload, { mode: 384 });
+}
+function clearStoredCodexTokens() {
+  try {
+    fs.unlinkSync(getCodexTokensPath());
+  } catch {
+  }
+}
 function mergeChatProviderSecret(provider) {
   if (!provider) return null;
   const stored = readStoredProviderSecret();
@@ -157,12 +191,14 @@ function buildPersistedSettings(source) {
 }
 function getRendererSettings() {
   const current = loadSettings();
+  const provider = current.chatProvider;
+  const hasCodexTokens = provider?.id === "openai_codex" && readStoredCodexTokens() !== null;
   return {
     ...current,
-    chatProvider: current.chatProvider ? {
-      ...current.chatProvider,
+    chatProvider: provider ? {
+      ...provider,
       apiKey: "",
-      hasApiKey: Boolean(current.chatProvider.apiKey)
+      hasApiKey: Boolean(provider.apiKey) || hasCodexTokens
     } : null
   };
 }
@@ -234,7 +270,7 @@ function persistNow() {
       getSettingsPath(),
       JSON.stringify(buildPersistedSettings(settings), null, 2)
     )
-  ).catch((err) => logger$k.error("Failed to save settings:", err));
+  ).catch((err) => logger$n.error("Failed to save settings:", err));
 }
 function saveSettings() {
   saveDirty = true;
@@ -246,11 +282,11 @@ function saveSettings() {
     }
   }, SAVE_DEBOUNCE_MS$6);
 }
-function setSetting(key, value) {
+function setSetting(key2, value) {
   loadSettings();
-  if (key === "mcpPort") {
+  if (key2 === "mcpPort") {
     settings.mcpPort = sanitizePort(value);
-  } else if (key === "chatProvider") {
+  } else if (key2 === "chatProvider") {
     const nextProvider = value;
     if (!nextProvider) {
       clearStoredProviderSecret();
@@ -278,7 +314,7 @@ function setSetting(key, value) {
       };
     }
   } else {
-    settings[key] = value;
+    settings[key2] = value;
   }
   saveSettings();
   return { ...settings };
@@ -341,7 +377,7 @@ function assertPermittedNavigationURL(url) {
 }
 const MAX_CUSTOM_HISTORY = 50;
 const READER_MODE_DATA_URL_PREFIX = "data:text/html;charset=utf-8,";
-const logger$j = createLogger("Tab");
+const logger$m = createLogger("Tab");
 const sessionCertExceptions = /* @__PURE__ */ new WeakMap();
 const sessionsWithVerifyProc = /* @__PURE__ */ new WeakSet();
 const CERT_VERIFY_TRUST = 0;
@@ -407,7 +443,7 @@ class Tab {
   guardedLoadURL(url, options) {
     const blockReason = this.getNavigationBlockReason(url);
     if (blockReason) {
-      logger$j.warn(blockReason);
+      logger$m.warn(blockReason);
       return blockReason;
     }
     void this.view.webContents.loadURL(url, options);
@@ -454,27 +490,27 @@ class Tab {
     this.view.webContents.on("before-input-event", (event, input) => {
       if (!input.control && !input.meta) return;
       if (input.type !== "keyDown") return;
-      const key = input.key.toLowerCase();
+      const key2 = input.key.toLowerCase();
       const wc = this.view.webContents;
-      if (key === "+" || key === "=") {
+      if (key2 === "+" || key2 === "=") {
         this.zoomIn();
         event.preventDefault();
         return;
       }
-      if (key === "-") {
+      if (key2 === "-") {
         this.zoomOut();
         event.preventDefault();
         return;
       }
-      if (key === "0") {
+      if (key2 === "0") {
         this.zoomReset();
         event.preventDefault();
         return;
       }
-      if (key === "c") wc.copy();
-      else if (key === "v") wc.paste();
-      else if (key === "x") wc.cut();
-      else if (key === "a") wc.selectAll();
+      if (key2 === "c") wc.copy();
+      else if (key2 === "v") wc.paste();
+      else if (key2 === "x") wc.cut();
+      else if (key2 === "a") wc.selectAll();
     });
     this.setupListeners();
     if (url) {
@@ -491,7 +527,7 @@ class Tab {
     wc.setWindowOpenHandler(({ url, disposition }) => {
       const error = this.getNavigationBlockReason(url);
       if (error) {
-        logger$j.warn(error);
+        logger$m.warn(error);
         return { action: "deny" };
       }
       this.onOpenUrl?.({
@@ -505,7 +541,7 @@ class Tab {
       const error = this.getNavigationBlockReason(url);
       if (!error) return;
       event.preventDefault();
-      logger$j.warn(`${context}: ${error}`);
+      logger$m.warn(`${context}: ${error}`);
     };
     wc.on("will-navigate", (event, url) => {
       blockNavigation(event, url, "Blocked top-level navigation");
@@ -589,7 +625,7 @@ class Tab {
         ::-webkit-scrollbar-thumb { background: rgba(255,255,255,0.12); border-radius: 999px; }
         ::-webkit-scrollbar-thumb:hover { background: rgba(255,255,255,0.22); }
         ::-webkit-scrollbar-corner { background: transparent; }
-      `).catch((err) => logger$j.warn("Failed to inject scrollbar CSS:", err));
+      `).catch((err) => logger$m.warn("Failed to inject scrollbar CSS:", err));
     });
     wc.on("page-favicon-updated", (_, favicons) => {
       this._state.favicon = favicons[0] || "";
@@ -625,7 +661,7 @@ class Tab {
       ).then((highlightedText) => {
         this.buildContextMenu(wc, params, highlightedText.trim());
       }).catch((err) => {
-        logger$j.warn("Failed to inspect highlighted text for context menu:", err);
+        logger$m.warn("Failed to inspect highlighted text for context menu:", err);
         this.buildContextMenu(wc, params, "");
       });
     });
@@ -748,8 +784,8 @@ class Tab {
     }
     if (postBody) {
       const params = new URLSearchParams();
-      for (const [key, value] of Object.entries(postBody)) {
-        params.set(key, value);
+      for (const [key2, value] of Object.entries(postBody)) {
+        params.set(key2, value);
       }
       return this.guardedLoadURL(url, {
         method: "POST",
@@ -826,7 +862,7 @@ class Tab {
         "document.documentElement.outerHTML"
       );
     } catch (err) {
-      logger$j.warn("Failed to retrieve page source:", err);
+      logger$m.warn("Failed to retrieve page source:", err);
       return;
     }
     const escaped = html.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
@@ -954,7 +990,7 @@ class Tab {
             document.addEventListener('mouseup', window.__vesselHighlightHandler);
           }
         })()
-      `).catch((err) => logger$j.warn("Failed to inject highlight listener:", err));
+      `).catch((err) => logger$m.warn("Failed to inject highlight listener:", err));
     } else {
       void wc.executeJavaScript(`
         (function() {
@@ -965,7 +1001,7 @@ class Tab {
             delete window.__vesselHighlightHandler;
           }
         })()
-      `).catch((err) => logger$j.warn("Failed to remove highlight listener:", err));
+      `).catch((err) => logger$m.warn("Failed to remove highlight listener:", err));
     }
   }
   get webContentsId() {
@@ -1002,7 +1038,7 @@ const SEARCH_ENGINE_PRESETS = {
   ecosia: { label: "Ecosia", url: "https://www.ecosia.org/search?q=" },
   kagi: { label: "Kagi", url: "https://kagi.com/search?q=" }
 };
-const logger$i = createLogger("JsonPersistence");
+const logger$l = createLogger("JsonPersistence");
 function canUseSafeStorage() {
   try {
     return electron.safeStorage.isEncryptionAvailable();
@@ -1023,22 +1059,22 @@ function encodeStoredData(payload, secure) {
   return payload;
 }
 function loadJsonFile({
-  filePath,
+  filePath: filePath2,
   fallback,
-  parse,
+  parse: parse2,
   secure = false
 }) {
   try {
-    const raw = fs.readFileSync(filePath);
+    const raw = fs.readFileSync(filePath2);
     const decoded = decodeStoredData(raw, secure);
-    return parse(JSON.parse(decoded));
+    return parse2(JSON.parse(decoded));
   } catch {
     return fallback;
   }
 }
 function createDebouncedJsonPersistence({
   debounceMs,
-  filePath,
+  filePath: filePath2,
   getValue,
   logLabel,
   resetOnSchedule = false,
@@ -1061,13 +1097,13 @@ function createDebouncedJsonPersistence({
       2
     );
     const data = encodeStoredData(payload, secure);
-    await fs.promises.mkdir(path.dirname(filePath), { recursive: true }).then(
+    await fs.promises.mkdir(path.dirname(filePath2), { recursive: true }).then(
       () => fs.promises.writeFile(
-        filePath,
+        filePath2,
         data,
         typeof data === "string" ? { encoding: "utf-8", mode: 384 } : { mode: 384 }
       )
-    ).catch((err) => logger$i.error(`Failed to save ${logLabel}:`, err));
+    ).catch((err) => logger$l.error(`Failed to save ${logLabel}:`, err));
   };
   const schedule = () => {
     saveDirty2 = true;
@@ -1089,7 +1125,7 @@ function createDebouncedJsonPersistence({
     flush: flush2
   };
 }
-let state$4 = null;
+let state$5 = null;
 const listeners$2 = /* @__PURE__ */ new Set();
 const SAVE_DEBOUNCE_MS$5 = 250;
 function getHighlightsPath() {
@@ -1099,19 +1135,19 @@ function createPersistence$1() {
   return createDebouncedJsonPersistence({
     debounceMs: SAVE_DEBOUNCE_MS$5,
     filePath: getHighlightsPath(),
-    getValue: () => state$4,
+    getValue: () => state$5,
     logLabel: "highlights",
     resetOnSchedule: true
   });
 }
-let persistence$5 = null;
+let persistence$7 = null;
 function getPersistence$1() {
-  persistence$5 ??= createPersistence$1();
-  return persistence$5;
+  persistence$7 ??= createPersistence$1();
+  return persistence$7;
 }
 function load$4() {
-  if (state$4) return state$4;
-  state$4 = loadJsonFile({
+  if (state$5) return state$5;
+  state$5 = loadJsonFile({
     filePath: getHighlightsPath(),
     fallback: { highlights: [] },
     parse: (raw) => {
@@ -1121,14 +1157,14 @@ function load$4() {
       };
     }
   });
-  return state$4;
+  return state$5;
 }
-function save$2() {
+function save$3() {
   getPersistence$1().schedule();
 }
-function emit$2() {
-  if (!state$4) return;
-  const snapshot = { highlights: [...state$4.highlights] };
+function emit$4() {
+  if (!state$5) return;
+  const snapshot = { highlights: [...state$5.highlights] };
   for (const listener of listeners$2) {
     listener(snapshot);
   }
@@ -1144,12 +1180,12 @@ function normalizeUrl$1(rawUrl) {
 }
 function getState$2() {
   load$4();
-  return { highlights: [...state$4.highlights] };
+  return { highlights: [...state$5.highlights] };
 }
 function getHighlightsForUrl(url) {
   load$4();
   const normalized = normalizeUrl$1(url);
-  return state$4.highlights.filter((h) => h.url === normalized);
+  return state$5.highlights.filter((h) => h.url === normalized);
 }
 function addHighlight(url, selector, text, label, color, source) {
   load$4();
@@ -1163,45 +1199,45 @@ function addHighlight(url, selector, text, label, color, source) {
     source: source || void 0,
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
   };
-  state$4.highlights.push(highlight);
-  save$2();
-  emit$2();
+  state$5.highlights.push(highlight);
+  save$3();
+  emit$4();
   return highlight;
 }
 function removeHighlight(id) {
   load$4();
-  const index = state$4.highlights.findIndex((h) => h.id === id);
+  const index = state$5.highlights.findIndex((h) => h.id === id);
   if (index === -1) return null;
-  const [removed] = state$4.highlights.splice(index, 1);
-  save$2();
-  emit$2();
+  const [removed] = state$5.highlights.splice(index, 1);
+  save$3();
+  emit$4();
   return removed;
 }
 function findHighlightByText(url, text) {
   load$4();
   const normalized = normalizeUrl$1(url);
-  return state$4.highlights.find(
+  return state$5.highlights.find(
     (h) => h.url === normalized && h.text && h.text === text
   ) ?? null;
 }
 function updateHighlightColor(id, color) {
   load$4();
-  const highlight = state$4.highlights.find((h) => h.id === id);
+  const highlight = state$5.highlights.find((h) => h.id === id);
   if (!highlight) return null;
   highlight.color = color;
-  save$2();
-  emit$2();
+  save$3();
+  emit$4();
   return highlight;
 }
 function clearHighlightsForUrl(url) {
   load$4();
   const normalized = normalizeUrl$1(url);
-  const before = state$4.highlights.length;
-  state$4.highlights = state$4.highlights.filter((h) => h.url !== normalized);
-  const removed = before - state$4.highlights.length;
+  const before = state$5.highlights.length;
+  state$5.highlights = state$5.highlights.filter((h) => h.url !== normalized);
+  const removed = before - state$5.highlights.length;
   if (removed > 0) {
-    save$2();
-    emit$2();
+    save$3();
+    emit$4();
   }
   return removed;
 }
@@ -1831,14 +1867,14 @@ function persistHighlight(url, text) {
 }
 const MAX_HISTORY_ENTRIES = 5e3;
 const SAVE_DEBOUNCE_MS$4 = 250;
-let state$3 = null;
+let state$4 = null;
 const listeners$1 = /* @__PURE__ */ new Set();
 function getHistoryPath() {
   return path.join(electron.app.getPath("userData"), "vessel-history.json");
 }
 function load$3() {
-  if (state$3) return state$3;
-  state$3 = loadJsonFile({
+  if (state$4) return state$4;
+  state$4 = loadJsonFile({
     filePath: getHistoryPath(),
     fallback: { entries: [] },
     parse: (raw) => {
@@ -1848,27 +1884,27 @@ function load$3() {
       };
     }
   });
-  return state$3;
+  return state$4;
 }
-const persistence$4 = createDebouncedJsonPersistence({
+const persistence$6 = createDebouncedJsonPersistence({
   debounceMs: SAVE_DEBOUNCE_MS$4,
   filePath: getHistoryPath(),
-  getValue: () => state$3,
+  getValue: () => state$4,
   logLabel: "history"
 });
-function save$1() {
-  persistence$4.schedule();
+function save$2() {
+  persistence$6.schedule();
 }
-function emit$1() {
-  if (!state$3) return;
-  const snapshot = { entries: [...state$3.entries] };
+function emit$3() {
+  if (!state$4) return;
+  const snapshot = { entries: [...state$4.entries] };
   for (const listener of listeners$1) {
     listener(snapshot);
   }
 }
 function getState$1() {
   load$3();
-  return { entries: [...state$3.entries] };
+  return { entries: [...state$4.entries] };
 }
 function subscribe$1(listener) {
   listeners$1.add(listener);
@@ -1879,12 +1915,12 @@ function subscribe$1(listener) {
 function addEntry$1(url, title) {
   if (!url || url === "about:blank") return;
   load$3();
-  const last = state$3.entries[0];
+  const last = state$4.entries[0];
   if (last && last.url === url) {
     if (title && title !== last.title) {
       last.title = title;
-      save$1();
-      emit$1();
+      save$2();
+      emit$3();
     }
     return;
   }
@@ -1893,25 +1929,25 @@ function addEntry$1(url, title) {
     title: title || url,
     visitedAt: (/* @__PURE__ */ new Date()).toISOString()
   };
-  state$3.entries.unshift(entry);
-  if (state$3.entries.length > MAX_HISTORY_ENTRIES) {
-    state$3.entries = state$3.entries.slice(0, MAX_HISTORY_ENTRIES);
+  state$4.entries.unshift(entry);
+  if (state$4.entries.length > MAX_HISTORY_ENTRIES) {
+    state$4.entries = state$4.entries.slice(0, MAX_HISTORY_ENTRIES);
   }
-  save$1();
-  emit$1();
+  save$2();
+  emit$3();
 }
 function search(query, limit = 50) {
   load$3();
-  if (!query.trim()) return state$3.entries.slice(0, limit);
+  if (!query.trim()) return state$4.entries.slice(0, limit);
   const normalized = query.toLowerCase();
-  return state$3.entries.filter(
+  return state$4.entries.filter(
     (e) => e.url.toLowerCase().includes(normalized) || e.title.toLowerCase().includes(normalized)
   ).slice(0, limit);
 }
 function clearAll$1() {
-  state$3 = { entries: [] };
-  save$1();
-  emit$1();
+  state$4 = { entries: [] };
+  save$2();
+  emit$3();
 }
 function clearByTimeRange(timeRange) {
   load$3();
@@ -1921,12 +1957,12 @@ function clearByTimeRange(timeRange) {
   }
   const now = Date.now();
   const cutoff = new Date(now - timeRangeToMs(timeRange));
-  state$3.entries = state$3.entries.filter((entry) => {
+  state$4.entries = state$4.entries.filter((entry) => {
     const visitedAt = new Date(entry.visitedAt).getTime();
     return Number.isNaN(visitedAt) || visitedAt < cutoff.getTime();
   });
-  save$1();
-  emit$1();
+  save$2();
+  emit$3();
 }
 function timeRangeToMs(range) {
   switch (range) {
@@ -1980,7 +2016,7 @@ function importHistoryFromJson(content) {
     const parsed = JSON.parse(content);
     const entries = Array.isArray(parsed?.entries) ? parsed.entries : [];
     load$3();
-    const existingUrls = new Set(state$3.entries.map((e) => e.url));
+    const existingUrls = new Set(state$4.entries.map((e) => e.url));
     for (const entry of entries) {
       if (!entry?.url || typeof entry.url !== "string") {
         errors++;
@@ -1990,7 +2026,7 @@ function importHistoryFromJson(content) {
         skipped++;
         continue;
       }
-      state$3.entries.push({
+      state$4.entries.push({
         url: entry.url,
         title: typeof entry.title === "string" ? entry.title : entry.url,
         visitedAt: typeof entry.visitedAt === "string" ? entry.visitedAt : (/* @__PURE__ */ new Date()).toISOString()
@@ -1998,14 +2034,14 @@ function importHistoryFromJson(content) {
       existingUrls.add(entry.url);
       imported++;
     }
-    state$3.entries.sort(
+    state$4.entries.sort(
       (a, b) => new Date(b.visitedAt).getTime() - new Date(a.visitedAt).getTime()
     );
-    if (state$3.entries.length > MAX_HISTORY_ENTRIES) {
-      state$3.entries = state$3.entries.slice(0, MAX_HISTORY_ENTRIES);
+    if (state$4.entries.length > MAX_HISTORY_ENTRIES) {
+      state$4.entries = state$4.entries.slice(0, MAX_HISTORY_ENTRIES);
     }
-    save$1();
-    emit$1();
+    save$2();
+    emit$3();
   } catch {
     errors++;
   }
@@ -2016,7 +2052,7 @@ function importHistoryFromHtml(content) {
   let skipped = 0;
   let errors = 0;
   load$3();
-  const existingUrls = new Set(state$3.entries.map((e) => e.url));
+  const existingUrls = new Set(state$4.entries.map((e) => e.url));
   const hrefRegex = /<A\s+[^>]*HREF="([^"]+)"[^>]*>([^<]*)<\/A>/gi;
   let match;
   while ((match = hrefRegex.exec(content)) !== null) {
@@ -2027,7 +2063,7 @@ function importHistoryFromHtml(content) {
       else errors++;
       continue;
     }
-    state$3.entries.push({
+    state$4.entries.push({
       url,
       title,
       visitedAt: (/* @__PURE__ */ new Date()).toISOString()
@@ -2035,18 +2071,18 @@ function importHistoryFromHtml(content) {
     existingUrls.add(url);
     imported++;
   }
-  state$3.entries.sort(
+  state$4.entries.sort(
     (a, b) => new Date(b.visitedAt).getTime() - new Date(a.visitedAt).getTime()
   );
-  if (state$3.entries.length > MAX_HISTORY_ENTRIES) {
-    state$3.entries = state$3.entries.slice(0, MAX_HISTORY_ENTRIES);
+  if (state$4.entries.length > MAX_HISTORY_ENTRIES) {
+    state$4.entries = state$4.entries.slice(0, MAX_HISTORY_ENTRIES);
   }
-  save$1();
-  emit$1();
+  save$2();
+  emit$3();
   return { imported, skipped, errors };
 }
 function flushPersist$3() {
-  return persistence$4.flush();
+  return persistence$6.flush();
 }
 const MAX_CONSOLE_ENTRIES = 500;
 const MAX_NETWORK_ENTRIES = 200;
@@ -2403,18 +2439,18 @@ class DevToolsSession {
     if (result?.__error) throw new Error(result.__error);
     return { type, origin, entries: result ?? {} };
   }
-  async setStorage(type, key, value) {
+  async setStorage(type, key2, value) {
     const storageType = type === "localStorage" ? "localStorage" : "sessionStorage";
     if (value === null) {
       await this.wc.executeJavaScript(
-        `window.${storageType}.removeItem(${JSON.stringify(key)})`
+        `window.${storageType}.removeItem(${JSON.stringify(key2)})`
       );
-      return `Removed "${key}" from ${type}`;
+      return `Removed "${key2}" from ${type}`;
     }
     await this.wc.executeJavaScript(
-      `window.${storageType}.setItem(${JSON.stringify(key)}, ${JSON.stringify(value)})`
+      `window.${storageType}.setItem(${JSON.stringify(key2)}, ${JSON.stringify(value)})`
     );
-    return `Set ${type}["${key}"] = ${value.length > 80 ? value.slice(0, 77) + "..." : value}`;
+    return `Set ${type}["${key2}"] = ${value.length > 80 ? value.slice(0, 77) + "..." : value}`;
   }
   // ---------------------------------------------------------------------------
   // Performance
@@ -2746,7 +2782,7 @@ function destroySession(tabId) {
     sessions.delete(tabId);
   }
 }
-const logger$h = createLogger("TabManager");
+const logger$k = createLogger("TabManager");
 function sanitizePdfFilename(title) {
   const clean = title.replace(/[<>:"/\\|?*\x00-\x1f]/g, " ").replace(/\s+/g, " ").trim();
   const base = (clean || "Vessel Page").replace(/\.pdf$/i, "");
@@ -2979,23 +3015,23 @@ class TabManager {
   async saveTabAsPdf(id) {
     const tab = this.tabs.get(id);
     if (!tab) return null;
-    const { canceled, filePath } = await electron.dialog.showSaveDialog({
+    const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
       title: "Save Page as PDF",
       defaultPath: sanitizePdfFilename(tab.state.title || "Vessel Page"),
       filters: [{ name: "PDF", extensions: ["pdf"] }]
     });
-    if (canceled || !filePath) return null;
+    if (canceled || !filePath2) return null;
     const data = await tab.view.webContents.printToPDF({
       printBackground: true
     });
-    await fs.promises.writeFile(filePath, data);
-    return filePath;
+    await fs.promises.writeFile(filePath2, data);
+    return filePath2;
   }
   async savePage(id, format = "MHTML") {
     const tab = this.tabs.get(id);
     if (!tab) return null;
     const ext = format === "MHTML" ? "mhtml" : "html";
-    const { canceled, filePath } = await electron.dialog.showSaveDialog({
+    const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
       title: "Save Page As",
       defaultPath: sanitizePageFilename(
         tab.state.title || "Vessel Page",
@@ -3005,9 +3041,9 @@ class TabManager {
         { name: format === "MHTML" ? "MHTML" : "HTML", extensions: [ext] }
       ]
     });
-    if (canceled || !filePath) return null;
-    await tab.view.webContents.savePage(filePath, format);
-    return filePath;
+    if (canceled || !filePath2) return null;
+    await tab.view.webContents.savePage(filePath2, format);
+    return filePath2;
   }
   getActiveTab() {
     return this.activeTabId ? this.tabs.get(this.activeTabId) : void 0;
@@ -3091,11 +3127,11 @@ class TabManager {
         this.pinTab(ids[index]);
       }
       if (tab.groupName && ids[index]) {
-        const key = `${tab.groupName}|${tab.groupColor ?? "blue"}`;
-        let groupId = restoredGroups.get(key);
+        const key2 = `${tab.groupName}|${tab.groupColor ?? "blue"}`;
+        let groupId = restoredGroups.get(key2);
         if (!groupId) {
           groupId = crypto$1.randomUUID();
-          restoredGroups.set(key, groupId);
+          restoredGroups.set(key2, groupId);
           this.tabGroups.set(groupId, {
             id: groupId,
             name: tab.groupName,
@@ -3145,7 +3181,7 @@ class TabManager {
     }));
     if (entries.length > 0) {
       void highlightBatchOnPage(wc, entries).catch(
-        (err) => logger$h.warn("Failed to batch highlight:", err)
+        (err) => logger$k.warn("Failed to batch highlight:", err)
       );
     }
   }
@@ -3167,12 +3203,12 @@ class TabManager {
         const result = await captureSelectionHighlight(wc);
         if (result.success && result.text) {
           await highlightOnPage(wc, null, result.text, void 0, void 0, "yellow").catch(
-            (err) => logger$h.warn("Failed to capture highlight:", err)
+            (err) => logger$k.warn("Failed to capture highlight:", err)
           );
         }
         this.highlightCaptureCallback?.(result);
       } catch (err) {
-        logger$h.warn("Failed to capture highlight from page:", err);
+        logger$k.warn("Failed to capture highlight from page:", err);
         this.highlightCaptureCallback?.({
           success: false,
           message: "Could not capture selection"
@@ -3197,7 +3233,7 @@ class TabManager {
           void this.removeHighlightMarksForText(wc, text);
         }
       } catch (err) {
-        logger$h.warn("Failed to remove highlight from matching tab:", err);
+        logger$k.warn("Failed to remove highlight from matching tab:", err);
       }
     }
     this.highlightCaptureCallback?.({
@@ -3228,12 +3264,12 @@ class TabManager {
               void 0,
               color
             ).catch(
-              (err) => logger$h.warn("Failed to update highlight color:", err)
+              (err) => logger$k.warn("Failed to update highlight color:", err)
             );
           });
         }
       } catch (err) {
-        logger$h.warn("Failed to iterate highlights for color change:", err);
+        logger$k.warn("Failed to iterate highlights for color change:", err);
       }
     }
     this.highlightCaptureCallback?.({
@@ -3274,7 +3310,7 @@ class TabManager {
         });
       })()`
     ).catch(
-      (err) => logger$h.warn("Failed to remove highlight marks:", err)
+      (err) => logger$k.warn("Failed to remove highlight marks:", err)
     );
   }
   broadcastState() {
@@ -3420,6 +3456,11 @@ const Channels = {
   DOWNLOAD_STARTED: "download:started",
   DOWNLOAD_PROGRESS: "download:progress",
   DOWNLOAD_DONE: "download:done",
+  DOWNLOADS_GET: "downloads:get",
+  DOWNLOADS_CLEAR: "downloads:clear",
+  DOWNLOADS_OPEN: "downloads:open",
+  DOWNLOADS_SHOW_IN_FOLDER: "downloads:show-in-folder",
+  DOWNLOADS_UPDATE: "downloads:update",
   // Premium
   PREMIUM_GET_STATE: "premium:get-state",
   PREMIUM_ACTIVATION_START: "premium:activation-start",
@@ -3477,7 +3518,19 @@ const Channels = {
   CLEAR_BROWSING_DATA: "browsing-data:clear",
   CLEAR_BROWSING_DATA_OPEN: "browsing-data:open",
   // Picture-in-Picture
-  TAB_TOGGLE_PIP: "tab:toggle-pip"
+  TAB_TOGGLE_PIP: "tab:toggle-pip",
+  // Codex OAuth
+  CODEX_START_AUTH: "codex:start-auth",
+  CODEX_CANCEL_AUTH: "codex:cancel-auth",
+  CODEX_AUTH_STATUS: "codex:auth-status",
+  CODEX_DISCONNECT: "codex:disconnect",
+  // Updates
+  UPDATES_CHECK: "updates:check",
+  UPDATES_OPEN_DOWNLOAD: "updates:open-download",
+  // Permissions
+  PERMISSIONS_GET: "permissions:get",
+  PERMISSIONS_CLEAR: "permissions:clear",
+  PERMISSIONS_CLEAR_ORIGIN: "permissions:clear-origin"
 };
 const MAX_DETAIL_ITEMS = 3;
 const MIN_BLOCK_SIMILARITY = 0.82;
@@ -3719,25 +3772,25 @@ function normalizeQueryValue(value) {
 }
 function serializeSnapshotParams(params) {
   return params.map(
-    ([key, value]) => `${encodeURIComponent(key)}=${encodeURIComponent(value)}`
+    ([key2, value]) => `${encodeURIComponent(key2)}=${encodeURIComponent(value)}`
   ).join("&");
 }
 function normalizeSnapshotParams(entries, pathname) {
   return Array.from(entries).filter(
-    ([key, value]) => shouldKeepSnapshotQueryParam(pathname, key, value)
-  ).map(([key, value]) => [
-    key.trim().toLowerCase(),
+    ([key2, value]) => shouldKeepSnapshotQueryParam(pathname, key2, value)
+  ).map(([key2, value]) => [
+    key2.trim().toLowerCase(),
     normalizeQueryValue(value)
   ]).sort(
     ([keyA, valueA], [keyB, valueB]) => keyA === keyB ? valueA.localeCompare(valueB) : keyA.localeCompare(keyB)
   );
 }
 function shouldKeepSnapshotQueryParam(pathname, rawKey, value) {
-  const key = rawKey.trim().toLowerCase();
-  if (!key || !value.trim()) return false;
-  if (key.startsWith("utm_")) return false;
-  if (TRACKING_QUERY_KEYS.has(key)) return false;
-  if (SNAPSHOT_QUERY_KEYS.has(key)) return true;
+  const key2 = rawKey.trim().toLowerCase();
+  if (!key2 || !value.trim()) return false;
+  if (key2.startsWith("utm_")) return false;
+  if (TRACKING_QUERY_KEYS.has(key2)) return false;
+  if (SNAPSHOT_QUERY_KEYS.has(key2)) return true;
   return /\/(search|results|browse|discover|find|category|tag|topics?|collections?|list)(\/|$)/i.test(
     pathname
   );
@@ -3830,7 +3883,7 @@ function load$2() {
   });
   return snapshots;
 }
-const persistence$3 = createDebouncedJsonPersistence({
+const persistence$5 = createDebouncedJsonPersistence({
   debounceMs: SAVE_DEBOUNCE_MS$3,
   filePath: getFilePath$1(),
   getValue: () => snapshots,
@@ -3849,21 +3902,21 @@ function getSnapshot(normalizedUrl) {
 }
 function saveSnapshot(rawUrl, title, textContent, headings) {
   const s = load$2();
-  const key = normalizeUrl(rawUrl);
+  const key2 = normalizeUrl(rawUrl);
   const snapshot = {
-    url: key,
+    url: key2,
     title,
     textContent: textContent.slice(0, MAX_TEXT_LENGTH),
     headings: headings.map((h) => `${"#".repeat(h.level)} ${h.text}`).join("\n"),
     capturedAt: (/* @__PURE__ */ new Date()).toISOString()
   };
-  s.delete(key);
-  s.set(key, snapshot);
-  persistence$3.schedule();
+  s.delete(key2);
+  s.set(key2, snapshot);
+  persistence$5.schedule();
   return snapshot;
 }
 function flushPersist$2() {
-  return persistence$3.flush();
+  return persistence$5.flush();
 }
 const SEARCH_ENGINE_HOSTS = [
   "google.",
@@ -4178,11 +4231,11 @@ function sanitizeValue(value, depth = 0) {
   const record = asRecord(value);
   if (!record || depth >= MAX_DEPTH) return void 0;
   const objectValue = {};
-  for (const [key, entry] of Object.entries(record)) {
-    if (SKIP_FIELDS.has(key)) continue;
+  for (const [key2, entry] of Object.entries(record)) {
+    if (SKIP_FIELDS.has(key2)) continue;
     const normalized = sanitizeValue(entry, depth + 1);
     if (normalized !== void 0) {
-      objectValue[key] = normalized;
+      objectValue[key2] = normalized;
     }
   }
   return Object.keys(objectValue).length > 0 ? objectValue : void 0;
@@ -4190,10 +4243,10 @@ function sanitizeValue(value, depth = 0) {
 function buildNormalizedAttributes(record, types) {
   const attributes = {};
   const consumed = /* @__PURE__ */ new Set();
-  const consume = (key, value) => {
+  const consume = (key2, value) => {
     if (value === void 0) return;
-    consumed.add(key);
-    attributes[key] = value;
+    consumed.add(key2);
+    attributes[key2] = value;
   };
   if (types.includes("Recipe")) {
     consume("yield", sanitizeValue(record.recipeYield));
@@ -4237,14 +4290,14 @@ function buildNormalizedAttributes(record, types) {
       attributes.questions = questions;
     }
   }
-  for (const [key, value] of Object.entries(record)) {
-    if (SKIP_FIELDS.has(key) || consumed.has(key)) continue;
-    if (key === "name" || key === "headline" || key === "url" || key === "description") {
+  for (const [key2, value] of Object.entries(record)) {
+    if (SKIP_FIELDS.has(key2) || consumed.has(key2)) continue;
+    if (key2 === "name" || key2 === "headline" || key2 === "url" || key2 === "description") {
       continue;
     }
     const normalized = sanitizeValue(value);
     if (normalized !== void 0) {
-      attributes[key] = normalized;
+      attributes[key2] = normalized;
     }
   }
   return attributes;
@@ -4264,7 +4317,7 @@ function collectCandidateEntities(value, results = [], seen = /* @__PURE__ */ ne
   if (types.length > 0 || hasIdentity) {
     results.push(record);
   }
-  for (const key of [
+  for (const key2 of [
     "@graph",
     "mainEntity",
     "mainEntityOfPage",
@@ -4277,7 +4330,7 @@ function collectCandidateEntities(value, results = [], seen = /* @__PURE__ */ ne
     "acceptedAnswer",
     "suggestedAnswer"
   ]) {
-    collectCandidateEntities(record[key], results, seen);
+    collectCandidateEntities(record[key2], results, seen);
   }
   return results;
 }
@@ -4290,11 +4343,11 @@ function dedupeKey(entity) {
     JSON.stringify(entity.attributes)
   ].join("::");
 }
-function extractEntitiesFromRecords(records, source) {
-  if (!records || records.length === 0) return [];
+function extractEntitiesFromRecords(records2, source) {
+  if (!records2 || records2.length === 0) return [];
   const entities = [];
   const seen = /* @__PURE__ */ new Set();
-  for (const candidate of collectCandidateEntities(records)) {
+  for (const candidate of collectCandidateEntities(records2)) {
     const types = getTypes(candidate);
     const name = firstString(candidate.name, candidate.headline);
     const url = firstString(candidate.url, candidate["@id"]);
@@ -4314,9 +4367,9 @@ function extractEntitiesFromRecords(records, source) {
     addIfPresent(entity, "name", name);
     addIfPresent(entity, "url", url);
     addIfPresent(entity, "description", description);
-    const key = dedupeKey(entity);
-    if (seen.has(key)) continue;
-    seen.add(key);
+    const key2 = dedupeKey(entity);
+    if (seen.has(key2)) continue;
+    seen.add(key2);
     entities.push(entity);
   }
   return entities.slice(0, 25);
@@ -4339,13 +4392,13 @@ function extractEntityFromMetaTags(metaTags, pageTitle, pageUrl) {
   const url = metaTags["og:url"] || metaTags.canonical || pageUrl;
   const types = getMetaType(metaTags);
   const attributes = {};
-  for (const [key, value] of Object.entries(metaTags)) {
-    if (key === "og:title" || key === "twitter:title" || key === "title" || key === "og:description" || key === "description" || key === "twitter:description" || key === "og:url" || key === "canonical") {
+  for (const [key2, value] of Object.entries(metaTags)) {
+    if (key2 === "og:title" || key2 === "twitter:title" || key2 === "title" || key2 === "og:description" || key2 === "description" || key2 === "twitter:description" || key2 === "og:url" || key2 === "canonical") {
       continue;
     }
     const normalized = sanitizeValue(value);
     if (normalized !== void 0) {
-      attributes[key] = normalized;
+      attributes[key2] = normalized;
     }
   }
   const entity = {
@@ -4398,9 +4451,9 @@ function extractStructuredDataFromJsonLd(jsonLd, microdata, rdfa, metaTags, page
   const deduped = [];
   const seen = /* @__PURE__ */ new Set();
   for (const entity of candidates) {
-    const key = dedupeKey(entity);
-    if (seen.has(key)) continue;
-    seen.add(key);
+    const key2 = dedupeKey(entity);
+    if (seen.has(key2)) continue;
+    seen.add(key2);
     deduped.push(entity);
   }
   if (deduped.length > 0) {
@@ -4414,9 +4467,9 @@ function extractStructuredDataFromJsonLd(jsonLd, microdata, rdfa, metaTags, page
     pageHeadings
   );
 }
-function addIfPresent(target, key, value) {
+function addIfPresent(target, key2, value) {
   if (value !== void 0) {
-    target[key] = value;
+    target[key2] = value;
   }
 }
 function okResult(value) {
@@ -4435,7 +4488,7 @@ function errorResult(error, value) {
 function getErrorMessage(error, fallback = "Unknown error") {
   return error instanceof Error && error.message ? error.message : fallback;
 }
-const logger$g = createLogger("Premium");
+const logger$j = createLogger("Premium");
 const VERIFICATION_API = process.env.VESSEL_PREMIUM_API || "https://vesselpremium.quantaintellect.com";
 const FREE_TOOL_ITERATION_LIMIT = 50;
 const REVALIDATION_INTERVAL_MS = 24 * 60 * 60 * 1e3;
@@ -4551,7 +4604,7 @@ async function verifySubscription$1(identifier) {
     });
     if (!res.ok) {
       const detail = await readApiErrorDetail(res);
-      logger$g.warn(
+      logger$j.warn(
         "Verification API returned a non-OK status:",
         res.status,
         detail
@@ -4570,7 +4623,7 @@ async function verifySubscription$1(identifier) {
     setSetting("premium", updated);
     return updated;
   } catch (err) {
-    logger$g.warn("Verification failed:", err);
+    logger$j.warn("Verification failed:", err);
     return current;
   }
 }
@@ -4729,8 +4782,8 @@ function trackProviderConfigured(providerId) {
     provider_id: providerId
   });
 }
-function trackSettingChanged(key) {
-  trackEvent("setting_changed", { setting_key: key });
+function trackSettingChanged(key2) {
+  trackEvent("setting_changed", { setting_key: key2 });
 }
 function trackApprovalModeChanged(mode) {
   trackEvent("approval_mode_changed", { mode });
@@ -4912,10 +4965,10 @@ function mapFormFields(forms, interactiveElements) {
     }
   }
   for (const el of interactiveElements) {
-    const key = el.selector || el.name || el.label || String(el.index);
-    if (formFieldSelectors.has(key)) {
+    const key2 = el.selector || el.name || el.label || String(el.index);
+    if (formFieldSelectors.has(key2)) {
       fields.push({
-        name: el.name || el.label || key,
+        name: el.name || el.label || key2,
         type: mapInputType(el),
         label: el.label,
         required: el.required,
@@ -5143,7 +5196,7 @@ const EXTRACT_TIMEOUT_MAX_MS = 2e4;
 const MUTATION_CAPTURE_INTERVAL_MS = 5e3;
 const MUTATION_SETTLE_AFTER_MS = 1500;
 const AGENT_STREAM_IDLE_TIMEOUT_MS = 3e4;
-const logger$f = createLogger("Extractor");
+const logger$i = createLogger("Extractor");
 const EMPTY_PAGE_CONTENT = {
   title: "",
   content: "",
@@ -5893,7 +5946,7 @@ async function executeScript(webContents, script) {
       })
     ]);
   } catch (err) {
-    logger$f.warn("Failed to execute page script:", err);
+    logger$i.warn("Failed to execute page script:", err);
     return null;
   } finally {
     if (timer) {
@@ -6000,7 +6053,7 @@ async function estimateExtractionTimeout(webContents) {
       return EXTRACT_TIMEOUT_BASE_MS + extra;
     }
   } catch (err) {
-    logger$f.warn("Failed to estimate extraction timeout, using base timeout:", err);
+    logger$i.warn("Failed to estimate extraction timeout, using base timeout:", err);
   }
   return EXTRACT_TIMEOUT_BASE_MS;
 }
@@ -6154,12 +6207,12 @@ function loadHistory() {
       return next;
     }
   });
-  for (const [key, bursts] of loaded.entries()) {
-    recentPageDiffBursts.set(key, bursts);
+  for (const [key2, bursts] of loaded.entries()) {
+    recentPageDiffBursts.set(key2, bursts);
   }
   return recentPageDiffBursts;
 }
-const persistence$2 = createDebouncedJsonPersistence({
+const persistence$4 = createDebouncedJsonPersistence({
   debounceMs: SAVE_DEBOUNCE_MS$2,
   filePath: getHistoryFilePath(),
   getValue: () => recentPageDiffBursts,
@@ -6176,20 +6229,20 @@ function getLatestPageDiff(rawUrl) {
 }
 function getPageDiffBursts(rawUrl) {
   if (!shouldTrackSnapshotUrl(rawUrl)) return [];
-  const key = normalizeUrl(rawUrl);
+  const key2 = normalizeUrl(rawUrl);
   const history = loadHistory();
-  const bursts = prunePageDiffHistory(history.get(key) ?? [], {
+  const bursts = prunePageDiffHistory(history.get(key2) ?? [], {
     maxAgeDays: MAX_HISTORY_DAYS,
     maxItems: MAX_PERSISTED_DIFF_BURSTS
   });
-  const current = history.get(key) ?? [];
+  const current = history.get(key2) ?? [];
   if (current.length !== bursts.length) {
     if (bursts.length > 0) {
-      history.set(key, bursts);
+      history.set(key2, bursts);
     } else {
-      history.delete(key);
+      history.delete(key2);
     }
-    persistence$2.schedule();
+    persistence$4.schedule();
   }
   return bursts.slice().reverse();
 }
@@ -6197,20 +6250,20 @@ function summarizeDiffBurst(diff) {
   const items = diff.changes.slice(0, 2).map((change) => `${change.section}: ${change.summary}`);
   return items.join(" | ");
 }
-function enrichWithBurstHistory(key, diff) {
+function enrichWithBurstHistory(key2, diff) {
   const detectedAt = (/* @__PURE__ */ new Date()).toISOString();
   const nextBurst = {
     detectedAt,
     summary: summarizeDiffBurst(diff)
   };
   const history = loadHistory();
-  const bursts = appendPageDiffHistoryItem(history.get(key) ?? [], nextBurst, {
+  const bursts = appendPageDiffHistoryItem(history.get(key2) ?? [], nextBurst, {
     maxAgeDays: MAX_HISTORY_DAYS,
     maxItems: MAX_PERSISTED_DIFF_BURSTS,
     now: Date.parse(detectedAt)
   });
-  history.set(key, bursts);
-  persistence$2.schedule();
+  history.set(key2, bursts);
+  persistence$4.schedule();
   const recentBursts = bursts.slice(-5);
   return {
     ...diff,
@@ -6223,8 +6276,8 @@ function enrichWithBurstHistory(key, diff) {
 async function capturePageSnapshot(url, wc, sendToRendererViews) {
   try {
     if (!shouldTrackSnapshotUrl(url)) return;
-    const key = normalizeUrl(url);
-    const oldSnap = getSnapshot(key);
+    const key2 = normalizeUrl(url);
+    const oldSnap = getSnapshot(key2);
     const content = await extractContent(wc);
     const textContent = content.content || "";
     const title = content.title || "";
@@ -6233,14 +6286,14 @@ async function capturePageSnapshot(url, wc, sendToRendererViews) {
     if (oldSnap) {
       const diff = diffSnapshots(oldSnap, textContent, title, currentHeadings);
       if (diff.hasChanges) {
-        const enrichedDiff = enrichWithBurstHistory(key, diff);
-        latestPageDiffs.set(key, enrichedDiff);
+        const enrichedDiff = enrichWithBurstHistory(key2, diff);
+        latestPageDiffs.set(key2, enrichedDiff);
         sendToRendererViews(Channels.PAGE_CHANGED, enrichedDiff);
       } else {
-        latestPageDiffs.delete(key);
+        latestPageDiffs.delete(key2);
       }
     } else {
-      latestPageDiffs.delete(key);
+      latestPageDiffs.delete(key2);
     }
     saveSnapshot(url, title, textContent, headings);
   } catch {
@@ -6292,19 +6345,19 @@ function schedulePageSnapshotCapture(wc, sendToRendererViews, delayMs = 0) {
 function enableClipboardShortcuts(view) {
   view.webContents.on("before-input-event", (event, input) => {
     if (!input.control && !input.meta) return;
-    const key = input.key.toLowerCase();
+    const key2 = input.key.toLowerCase();
     const wc = view.webContents;
     if (input.type === "keyDown") {
-      if (key === "c") {
+      if (key2 === "c") {
         wc.copy();
         event.preventDefault();
-      } else if (key === "v") {
+      } else if (key2 === "v") {
         wc.paste();
         event.preventDefault();
-      } else if (key === "x") {
+      } else if (key2 === "x") {
         wc.cut();
         event.preventDefault();
-      } else if (key === "a") {
+      } else if (key2 === "a") {
         wc.selectAll();
         event.preventDefault();
       }
@@ -6609,8 +6662,8 @@ function resizeSidebarViews(state2) {
   }
 }
 function generateReaderHTML(page) {
-  const escapedTitle = escapeHtml(page.title);
-  const escapedByline = escapeHtml(page.byline);
+  const escapedTitle = escapeHtml$1(page.title);
+  const escapedByline = escapeHtml$1(page.byline);
   const renderedContent = renderReaderContent(page);
   return `<!DOCTYPE html>
 <html lang="en">
@@ -6698,9 +6751,9 @@ function renderReaderContent(page) {
   if (!source) {
     return "<p>No readable content was available for this page.</p>";
   }
-  return source.split(/\n{2,}/).map((block) => block.trim()).filter(Boolean).map((block) => `<p>${escapeHtml(block).replace(/\n/g, "<br>")}</p>`).join("\n");
+  return source.split(/\n{2,}/).map((block) => block.trim()).filter(Boolean).map((block) => `<p>${escapeHtml$1(block).replace(/\n/g, "<br>")}</p>`).join("\n");
 }
-function escapeHtml(str) {
+function escapeHtml$1(str) {
   return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
 }
 const mcpStatusChangeListeners = /* @__PURE__ */ new Set();
@@ -6718,7 +6771,7 @@ function onRuntimeHealthChange(listener) {
   };
 }
 function getMcpStatus() {
-  return state$2.mcp.status;
+  return state$3.mcp.status;
 }
 function emitRuntimeHealthChange() {
   const snapshot = getRuntimeHealth();
@@ -6726,7 +6779,7 @@ function emitRuntimeHealthChange() {
     listener(snapshot);
   }
 }
-const state$2 = {
+const state$3 = {
   userDataPath: "",
   settingsPath: "",
   startupIssues: [],
@@ -6739,43 +6792,43 @@ const state$2 = {
   }
 };
 function initializeRuntimeHealth(paths) {
-  state$2.userDataPath = paths.userDataPath;
-  state$2.settingsPath = paths.settingsPath;
-  state$2.mcp.configuredPort = paths.configuredPort;
-  state$2.mcp.activePort = null;
-  state$2.mcp.endpoint = null;
-  state$2.mcp.status = "stopped";
-  state$2.mcp.message = "MCP server has not started yet.";
+  state$3.userDataPath = paths.userDataPath;
+  state$3.settingsPath = paths.settingsPath;
+  state$3.mcp.configuredPort = paths.configuredPort;
+  state$3.mcp.activePort = null;
+  state$3.mcp.endpoint = null;
+  state$3.mcp.status = "stopped";
+  state$3.mcp.message = "MCP server has not started yet.";
   emitRuntimeHealthChange();
 }
 function setStartupIssues(issues) {
-  state$2.startupIssues = issues.map((issue) => ({ ...issue }));
+  state$3.startupIssues = issues.map((issue) => ({ ...issue }));
   emitRuntimeHealthChange();
 }
 function getRuntimeHealth() {
   return {
-    userDataPath: state$2.userDataPath,
-    settingsPath: state$2.settingsPath,
-    startupIssues: state$2.startupIssues.map((issue) => ({ ...issue })),
-    mcp: { ...state$2.mcp }
+    userDataPath: state$3.userDataPath,
+    settingsPath: state$3.settingsPath,
+    startupIssues: state$3.startupIssues.map((issue) => ({ ...issue })),
+    mcp: { ...state$3.mcp }
   };
 }
 function setMcpHealth(update) {
   if (typeof update.configuredPort === "number") {
-    state$2.mcp.configuredPort = update.configuredPort;
+    state$3.mcp.configuredPort = update.configuredPort;
   }
   if ("activePort" in update) {
-    state$2.mcp.activePort = update.activePort ?? null;
+    state$3.mcp.activePort = update.activePort ?? null;
   }
   if ("endpoint" in update) {
-    state$2.mcp.endpoint = update.endpoint ?? null;
+    state$3.mcp.endpoint = update.endpoint ?? null;
   }
-  const prevStatus = state$2.mcp.status;
-  state$2.mcp.status = update.status;
-  state$2.mcp.message = update.message;
-  if (prevStatus !== state$2.mcp.status) {
+  const prevStatus = state$3.mcp.status;
+  state$3.mcp.status = update.status;
+  state$3.mcp.message = update.message;
+  if (prevStatus !== state$3.mcp.status) {
     for (const listener of mcpStatusChangeListeners) {
-      listener(state$2.mcp.status);
+      listener(state$3.mcp.status);
     }
   }
   emitRuntimeHealthChange();
@@ -7177,6 +7230,17 @@ const PROVIDERS = {
     apiKeyPlaceholder: "sk-...",
     apiKeyHint: "Get your key from platform.openai.com"
   },
+  openai_codex: {
+    id: "openai_codex",
+    name: "OpenAI Codex",
+    type: "codex_oauth",
+    defaultModel: "gpt-5",
+    models: ["gpt-5", "gpt-5-mini", "gpt-5-nano", "o4", "o4-mini"],
+    requiresApiKey: false,
+    defaultBaseUrl: "https://api.openai.com/v1",
+    apiKeyPlaceholder: "",
+    apiKeyHint: "Sign in with your ChatGPT Plus or Pro subscription"
+  },
   openrouter: {
     id: "openrouter",
     name: "OpenRouter",
@@ -7348,7 +7412,7 @@ const MAX_MCP_NAV_CONTENT_LENGTH = 3e4;
 const MAX_AGENT_DEBUG_CONTENT_LENGTH = 2e4;
 const LLAMA_CPP_MIN_CTX_TOKENS = 16384;
 const LLAMA_CPP_RECOMMENDED_CTX_TOKENS = 32768;
-const logger$e = createLogger("OpenAIProvider");
+const logger$h = createLogger("OpenAIProvider");
 function shouldDebugAgentLoop() {
   const value = process.env.VESSEL_DEBUG_AGENT_LOOP;
   return value === "1" || value === "true";
@@ -7676,8 +7740,8 @@ function scalarArgsForTool(name, scalar) {
   return null;
 }
 function firstStringArg(args, keys) {
-  for (const key of keys) {
-    const value = args[key];
+  for (const key2 of keys) {
+    const value = args[key2];
     if (typeof value === "string" && value.trim()) {
       return value.trim();
     }
@@ -7873,9 +7937,9 @@ function resolveToolCallName(rawName, args, availableToolNames) {
 function logAgentLoopDebug(payload) {
   if (!shouldDebugAgentLoop()) return;
   try {
-    logger$e.info(`[agent-debug] ${JSON.stringify(payload)}`);
+    logger$h.info(`[agent-debug] ${JSON.stringify(payload)}`);
   } catch (err) {
-    logger$e.warn("Failed to serialize debug payload:", err);
+    logger$h.warn("Failed to serialize debug payload:", err);
   }
 }
 function recoverTextEncodedToolCalls(text, availableToolNames) {
@@ -8409,6 +8473,525 @@ class OpenAICompatProvider {
     this.abortController?.abort();
   }
 }
+const logger$g = createLogger("CodexOAuth");
+const ISSUER = "https://auth.openai.com";
+const CLIENT_ID = "app_EMoamEEZ73f0CkXaXp7hrann";
+const SCOPE = "openid profile email offline_access api.connectors.read api.connectors.invoke";
+const AUTH_TIMEOUT_MS = 5 * 60 * 1e3;
+const PREFERRED_PORT = 1455;
+const FALLBACK_PORT = 1457;
+let activeFlow = null;
+function base64url(buffer) {
+  return buffer.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function generatePkce() {
+  const codeVerifier = base64url(crypto$1.randomBytes(64));
+  const hash = crypto$1.createHash("sha256").update(codeVerifier).digest();
+  const codeChallenge = base64url(hash);
+  return { codeVerifier, codeChallenge };
+}
+function generateState() {
+  return base64url(crypto$1.randomBytes(32));
+}
+function buildAuthorizeUrl(port, pkce, state2) {
+  const redirectUri = `http://localhost:${port}/auth/callback`;
+  const params = new URLSearchParams({
+    response_type: "code",
+    client_id: CLIENT_ID,
+    redirect_uri: redirectUri,
+    scope: SCOPE,
+    code_challenge: pkce.codeChallenge,
+    code_challenge_method: "S256",
+    state: state2,
+    id_token_add_organizations: "true",
+    codex_cli_simplified_flow: "true",
+    originator: "codex_cli_rs"
+  });
+  return `${ISSUER}/oauth/authorize?${params.toString()}`;
+}
+function parseJwtClaims(idToken) {
+  try {
+    const parts = idToken.split(".");
+    if (parts.length !== 3) return null;
+    const payload = JSON.parse(
+      Buffer.from(parts[1], "base64url").toString("utf-8")
+    );
+    const authClaims = payload["https://api.openai.com/auth"] || {};
+    const accountId = authClaims.chatgpt_account_id || payload.chatgpt_account_id || payload.sub || "";
+    const email = authClaims.email || payload.email || void 0;
+    return { accountId, email };
+  } catch {
+    return null;
+  }
+}
+function parseTokenExpiry(accessToken) {
+  try {
+    const parts = accessToken.split(".");
+    if (parts.length !== 3) return Date.now() + 36e5;
+    const payload = JSON.parse(
+      Buffer.from(parts[1], "base64url").toString("utf-8")
+    );
+    if (payload.exp && typeof payload.exp === "number") {
+      return payload.exp * 1e3;
+    }
+  } catch {
+  }
+  return Date.now() + 36e5;
+}
+async function exchangeIdTokenForApiKey(idToken) {
+  const body = new URLSearchParams({
+    grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
+    client_id: CLIENT_ID,
+    requested_token: "openai-api-key",
+    subject_token: idToken,
+    subject_token_type: "urn:ietf:params:oauth:token-type:id_token"
+  });
+  const response = await fetch(`${ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: body.toString()
+  });
+  if (!response.ok) {
+    let errorMsg = `OpenAI API token exchange failed: ${response.status}`;
+    try {
+      const err = await response.json();
+      if (typeof err.error_description === "string") {
+        errorMsg = err.error_description;
+      } else if (typeof err.error === "string") {
+        errorMsg = err.error;
+      }
+    } catch {
+    }
+    throw new Error(errorMsg);
+  }
+  const data = await response.json();
+  if (!data.access_token) {
+    throw new Error("OpenAI API token exchange did not return an access token");
+  }
+  return data.access_token;
+}
+async function ensureCodexApiKey(tokens) {
+  if (tokens.apiKey) return tokens;
+  if (!tokens.idToken) return tokens;
+  try {
+    return {
+      ...tokens,
+      apiKey: await exchangeIdTokenForApiKey(tokens.idToken)
+    };
+  } catch (err) {
+    logger$g.warn(
+      "Codex API-key token exchange failed; continuing with ChatGPT OAuth tokens:",
+      err
+    );
+    return tokens;
+  }
+}
+async function exchangeCodeForTokens(code, redirectUri, codeVerifier) {
+  const body = new URLSearchParams({
+    grant_type: "authorization_code",
+    code,
+    redirect_uri: redirectUri,
+    client_id: CLIENT_ID,
+    code_verifier: codeVerifier
+  });
+  const response = await fetch(`${ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: body.toString()
+  });
+  if (!response.ok) {
+    let errorMsg = `Token exchange failed: ${response.status}`;
+    try {
+      const err = await response.json();
+      if (typeof err.error_description === "string") {
+        errorMsg = err.error_description;
+      } else if (typeof err.error === "string") {
+        errorMsg = err.error;
+      }
+    } catch {
+    }
+    throw new Error(errorMsg);
+  }
+  const data = await response.json();
+  const claims = parseJwtClaims(data.id_token);
+  const expiresAt = parseTokenExpiry(data.access_token);
+  const tokens = {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token,
+    idToken: data.id_token,
+    expiresAt,
+    accountId: claims?.accountId || "",
+    accountEmail: claims?.email
+  };
+  return ensureCodexApiKey(tokens);
+}
+async function refreshAccessToken(tokens) {
+  const body = new URLSearchParams({
+    grant_type: "refresh_token",
+    refresh_token: tokens.refreshToken,
+    client_id: CLIENT_ID
+  });
+  const response = await fetch(`${ISSUER}/oauth/token`, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: body.toString()
+  });
+  if (!response.ok) {
+    let errorMsg = `Token refresh failed: ${response.status}`;
+    try {
+      const err = await response.json();
+      if (typeof err.error_description === "string") errorMsg = err.error_description;
+      else if (typeof err.error === "string") errorMsg = err.error;
+    } catch {
+    }
+    throw new Error(errorMsg);
+  }
+  const data = await response.json();
+  const idToken = data.id_token || tokens.idToken || "";
+  const claims = idToken ? parseJwtClaims(idToken) : null;
+  const expiresAt = parseTokenExpiry(data.access_token);
+  const refreshedTokens = {
+    accessToken: data.access_token,
+    refreshToken: data.refresh_token || tokens.refreshToken,
+    idToken,
+    apiKey: tokens.apiKey,
+    expiresAt,
+    accountId: claims?.accountId || tokens.accountId || "",
+    accountEmail: claims?.email || tokens.accountEmail
+  };
+  return ensureCodexApiKey(refreshedTokens);
+}
+function startServer(port, pkce, expectedState, resolve, reject) {
+  const server = http.createServer(async (req, res) => {
+    const url = new URL(req.url || "/", `http://localhost:${port}`);
+    if (url.pathname === "/auth/callback") {
+      const state2 = url.searchParams.get("state");
+      const code = url.searchParams.get("code");
+      const error = url.searchParams.get("error");
+      const errorDescription = url.searchParams.get("error_description");
+      if (error) {
+        res.writeHead(400, { "Content-Type": "text/plain", "Connection": "close" });
+        const msg = errorDescription || error;
+        res.end(`Authorization failed: ${msg}`);
+        reject(new Error(msg));
+        return;
+      }
+      if (state2 !== expectedState) {
+        res.writeHead(400, { "Content-Type": "text/plain", "Connection": "close" });
+        res.end("State mismatch. Please try again.");
+        reject(new Error("State mismatch"));
+        return;
+      }
+      if (!code) {
+        res.writeHead(400, { "Content-Type": "text/plain", "Connection": "close" });
+        res.end("Missing authorization code.");
+        reject(new Error("Missing authorization code"));
+        return;
+      }
+      try {
+        activeFlow?.onStatus("exchanging");
+        const redirectUri = `http://localhost:${activeFlow?.port ?? port}/auth/callback`;
+        const tokens = await exchangeCodeForTokens(code, redirectUri, pkce.codeVerifier);
+        res.writeHead(302, {
+          Location: `/success?email=${encodeURIComponent(tokens.accountEmail || tokens.accountId)}`,
+          Connection: "close"
+        });
+        res.end();
+        resolve(tokens);
+      } catch (err) {
+        res.writeHead(400, { "Content-Type": "text/plain", "Connection": "close" });
+        res.end(`Token exchange failed: ${err instanceof Error ? err.message : "Unknown error"}`);
+        reject(err instanceof Error ? err : new Error("Token exchange failed"));
+      }
+      return;
+    }
+    if (url.pathname === "/success") {
+      const email = url.searchParams.get("email") || "";
+      res.writeHead(200, { "Content-Type": "text/html", "Connection": "close" });
+      res.end(`<!DOCTYPE html>
+<html><head><meta charset="utf-8"><title>Vessel — Signed In</title>
+<style>body{font-family:system-ui,sans-serif;display:flex;align-items:center;justify-content:center;height:100vh;margin:0;background:#111;color:#eee}</style></head>
+<body><div style="text-align:center"><h1>✓ Signed In</h1>
+<p>Connected as ${escapeHtml(email)}</p><p>You can close this tab.</p></div></body></html>`);
+      return;
+    }
+    if (url.pathname === "/cancel") {
+      res.writeHead(200, { "Content-Type": "text/plain", "Connection": "close" });
+      res.end("Login cancelled");
+      reject(new Error("Login cancelled by user"));
+      return;
+    }
+    res.writeHead(404, { "Connection": "close" });
+    res.end("Not found");
+  });
+  return server;
+}
+function escapeHtml(text) {
+  return text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;");
+}
+async function bindServer(server) {
+  const allowedPorts = [PREFERRED_PORT, FALLBACK_PORT];
+  for (const port of allowedPorts) {
+    try {
+      await new Promise((resolve, reject) => {
+        const onError = (err) => {
+          server.off("listening", onListening);
+          reject(err);
+        };
+        const onListening = () => {
+          server.off("error", onError);
+          resolve();
+        };
+        server.once("error", onError);
+        server.once("listening", onListening);
+        server.listen(port, "127.0.0.1");
+      });
+      return port;
+    } catch (err) {
+      if (err.code === "EADDRINUSE") {
+        continue;
+      }
+      throw err;
+    }
+  }
+  throw new Error(
+    `Could not bind Codex OAuth callback server to registered ports ${allowedPorts.join(", ")}`
+  );
+}
+async function startCodexOAuth(onStatus) {
+  if (activeFlow) {
+    throw new Error("Auth flow already in progress");
+  }
+  const pkce = generatePkce();
+  const state2 = generateState();
+  return new Promise((resolve, reject) => {
+    let settled = false;
+    const safeOnStatus = (status, error) => {
+      try {
+        onStatus(status, error);
+      } catch {
+        logger$g.warn("Codex OAuth status callback failed — window may be closed");
+      }
+    };
+    const wrappedResolve = (tokens) => {
+      if (settled) return;
+      settled = true;
+      cleanup();
+      safeOnStatus("connected");
+      resolve(tokens);
+    };
+    const wrappedReject = (err) => {
+      if (settled) return;
+      settled = true;
+      cleanup();
+      safeOnStatus("error", err.message);
+      reject(err);
+    };
+    const server = startServer(0, pkce, state2, wrappedResolve, wrappedReject);
+    const timeout = setTimeout(() => {
+      wrappedReject(new Error("Auth flow timed out after 5 minutes"));
+    }, AUTH_TIMEOUT_MS);
+    activeFlow = {
+      state: state2,
+      codeVerifier: pkce.codeVerifier,
+      port: 0,
+      server,
+      timeout,
+      onStatus
+    };
+    const cleanup = () => {
+      if (activeFlow?.timeout) clearTimeout(activeFlow.timeout);
+      activeFlow?.server.close();
+      activeFlow = null;
+    };
+    bindServer(server).then((port) => {
+      if (settled) return;
+      activeFlow.port = port;
+      const authUrl = buildAuthorizeUrl(port, pkce, state2);
+      safeOnStatus("waiting");
+      electron.shell.openExternal(authUrl).catch((err) => {
+        logger$g.warn("Failed to open browser, user will need the URL:", err);
+      });
+    }).catch(wrappedReject);
+  });
+}
+function cancelCodexOAuth() {
+  if (!activeFlow) return;
+  activeFlow.server.close();
+  if (activeFlow.timeout) clearTimeout(activeFlow.timeout);
+  try {
+    activeFlow.onStatus("idle");
+  } catch {
+    logger$g.warn("Codex OAuth cancel status callback failed — window may be closed");
+  }
+  activeFlow = null;
+}
+const logger$f = createLogger("CodexProvider");
+const REFRESH_WINDOW_MS = 5 * 60 * 1e3;
+const CODEX_BACKEND_BASE_URL = "https://chatgpt.com/backend-api/codex";
+const CODEX_CLIENT_VERSION = "0.129.0";
+class CodexProvider {
+  agentToolProfile;
+  tokens;
+  model;
+  abortController = null;
+  constructor(tokens, model, _baseUrl) {
+    this.tokens = tokens;
+    this.model = model;
+    this.agentToolProfile = "default";
+  }
+  async ensureFreshTokens() {
+    if (Date.now() < this.tokens.expiresAt - REFRESH_WINDOW_MS) return;
+    try {
+      logger$f.info("Refreshing Codex access token");
+      const fresh = await refreshAccessToken(this.tokens);
+      this.tokens = fresh;
+      writeStoredCodexTokens(fresh);
+    } catch (err) {
+      clearStoredCodexTokens();
+      throw new Error(
+        `Codex token refresh failed — please re-authenticate. ${err instanceof Error ? err.message : ""}`
+      );
+    }
+  }
+  backendHeaders() {
+    const headers = {
+      Authorization: `Bearer ${this.tokens.accessToken}`,
+      "Content-Type": "application/json",
+      Accept: "text/event-stream",
+      originator: "codex_cli_rs",
+      "User-Agent": `codex_cli_rs/${CODEX_CLIENT_VERSION} Vessel`
+    };
+    if (this.tokens.accountId) {
+      headers["ChatGPT-Account-ID"] = this.tokens.accountId;
+    }
+    return headers;
+  }
+  buildInput(userMessage, history) {
+    const input = [];
+    for (const msg of history ?? []) {
+      input.push({
+        type: "message",
+        role: msg.role,
+        content: [{ type: "input_text", text: msg.content }]
+      });
+    }
+    input.push({
+      type: "message",
+      role: "user",
+      content: [{ type: "input_text", text: userMessage }]
+    });
+    return input;
+  }
+  handleStreamEvent(raw, onChunk, emittedTextFromDelta) {
+    if (!raw.trim() || raw.trim() === "[DONE]") return;
+    let event;
+    try {
+      event = JSON.parse(raw);
+    } catch {
+      return;
+    }
+    if (event.type === "response.output_text.delta" && event.delta) {
+      emittedTextFromDelta.value = true;
+      onChunk(event.delta);
+      return;
+    }
+    if (event.type === "response.output_item.done" && !emittedTextFromDelta.value) {
+      const text = event.item?.content?.filter((item) => item.type === "output_text" && item.text).map((item) => item.text).join("");
+      if (text) onChunk(text);
+      return;
+    }
+    if (event.type === "response.failed") {
+      const error = event.response?.error;
+      const message = error?.message || error?.code || "Codex response failed";
+      throw new Error(message);
+    }
+  }
+  async streamCodexResponse(systemPrompt, userMessage, onChunk, history) {
+    const response = await fetch(`${CODEX_BACKEND_BASE_URL}/responses`, {
+      method: "POST",
+      headers: this.backendHeaders(),
+      signal: this.abortController?.signal,
+      body: JSON.stringify({
+        model: this.model,
+        instructions: systemPrompt,
+        input: this.buildInput(userMessage, history),
+        stream: true,
+        store: false
+      })
+    });
+    if (!response.ok) {
+      const text = await response.text().catch(() => "");
+      throw new Error(
+        `Codex backend request failed: ${response.status}${text ? ` ${text}` : ""}`
+      );
+    }
+    if (!response.body) {
+      throw new Error("Codex backend returned an empty response stream");
+    }
+    const reader = response.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = "";
+    const emittedTextFromDelta = { value: false };
+    while (true) {
+      const { value, done } = await reader.read();
+      if (done) break;
+      buffer += decoder.decode(value, { stream: true });
+      let separatorIndex;
+      while ((separatorIndex = buffer.indexOf("\n\n")) !== -1) {
+        const block = buffer.slice(0, separatorIndex);
+        buffer = buffer.slice(separatorIndex + 2);
+        const data = block.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trimStart()).join("\n");
+        this.handleStreamEvent(data, onChunk, emittedTextFromDelta);
+      }
+    }
+    const trailing = buffer.trim();
+    if (trailing) {
+      const data = trailing.split("\n").filter((line) => line.startsWith("data:")).map((line) => line.slice(5).trimStart()).join("\n");
+      this.handleStreamEvent(data, onChunk, emittedTextFromDelta);
+    }
+  }
+  async streamQuery(systemPrompt, userMessage, onChunk, onEnd, history) {
+    await this.ensureFreshTokens();
+    this.abortController = new AbortController();
+    try {
+      await this.streamCodexResponse(systemPrompt, userMessage, onChunk, history);
+    } catch (err) {
+      if (err.name !== "AbortError") {
+        const msg = err instanceof Error ? err.message : String(err);
+        logger$f.error("Codex streamQuery error:", err);
+        onChunk(`
+
+[Error: ${msg}]`);
+      }
+    } finally {
+      this.abortController = null;
+      onEnd();
+    }
+  }
+  async streamAgentQuery(systemPrompt, userMessage, _tools, onChunk, _onToolCall, onEnd, history) {
+    await this.ensureFreshTokens();
+    this.abortController = new AbortController();
+    try {
+      await this.streamCodexResponse(systemPrompt, userMessage, onChunk, history);
+    } catch (err) {
+      if (err.name !== "AbortError") {
+        const msg = err instanceof Error ? err.message : String(err);
+        logger$f.error("Codex streamAgentQuery error:", err);
+        onChunk(`
+
+[Error: ${msg}]`);
+      }
+    } finally {
+      this.abortController = null;
+      onEnd();
+    }
+  }
+  cancel() {
+    this.abortController?.abort();
+    this.abortController = null;
+  }
+}
 function sanitizeProviderConfig(config) {
   return {
     ...config,
@@ -8430,7 +9013,7 @@ function validateProviderConnection(config, options = { requireModel: true }) {
   if (!meta) {
     return "Selected AI provider is not supported.";
   }
-  if (meta.requiresApiKey && !normalized.apiKey) {
+  if (meta.type !== "codex_oauth" && meta.requiresApiKey && !normalized.apiKey) {
     return `${meta.name} requires an API key. Open settings (Ctrl+,) to add one.`;
   }
   if (options.requireModel && !normalized.model) {
@@ -8449,8 +9032,8 @@ function extractLlamaCppCtxSize(payload) {
     const current = queue.shift();
     if (!current || typeof current !== "object" || visited.has(current)) continue;
     visited.add(current);
-    for (const [key, value] of Object.entries(current)) {
-      if (typeof value === "number" && Number.isFinite(value) && /^(n_ctx|ctx_size|context_size)$/i.test(key)) {
+    for (const [key2, value] of Object.entries(current)) {
+      if (typeof value === "number" && Number.isFinite(value) && /^(n_ctx|ctx_size|context_size)$/i.test(key2)) {
         return value;
       }
       if (value && typeof value === "object") {
@@ -8472,6 +9055,34 @@ function buildLlamaCppCtxWarning(ctxSize) {
   }
   return void 0;
 }
+async function fetchCodexBackendModels(tokens) {
+  const url = new URL("https://chatgpt.com/backend-api/codex/models");
+  url.searchParams.set("client_version", "0.129.0");
+  const headers = {
+    Authorization: `Bearer ${tokens.accessToken}`,
+    originator: "codex_cli_rs",
+    "User-Agent": "codex_cli_rs/0.129.0 Vessel"
+  };
+  if (tokens.accountId) {
+    headers["ChatGPT-Account-ID"] = tokens.accountId;
+  }
+  const response = await fetch(url.toString(), { headers });
+  if (!response.ok) {
+    throw new Error(`Codex backend model discovery failed: ${response.status}`);
+  }
+  const payload = await response.json();
+  if (!Array.isArray(payload.models)) {
+    throw new Error("Codex backend model discovery returned an invalid response");
+  }
+  return payload.models.map((model) => {
+    if (!model || typeof model !== "object") return null;
+    const record = model;
+    const id = record.slug || record.id || record.model;
+    const visibility = record.visibility;
+    if (visibility === "hidden") return null;
+    return typeof id === "string" && id.trim() ? id.trim() : null;
+  }).filter((id) => id !== null);
+}
 async function probeLlamaCppCtxWarning(baseURL) {
   try {
     const root = new URL(baseURL);
@@ -8499,6 +9110,24 @@ async function fetchProviderModels(config) {
     const page2 = await client2.models.list();
     return okResult({ models: page2.data.map((model) => model.id) });
   }
+  if (normalized.id === "openai_codex") {
+    const tokens = readStoredCodexTokens();
+    if (!tokens) {
+      throw new Error("Codex provider requires authentication. Connect your ChatGPT account in settings.");
+    }
+    try {
+      const models2 = await fetchCodexBackendModels(tokens);
+      if (models2.length > 0) {
+        return okResult({ models: models2 });
+      }
+      throw new Error("Codex backend model discovery returned no models");
+    } catch (err) {
+      return okResult({
+        models: PROVIDERS.openai_codex.models,
+        warning: `Using built-in Codex model list because live discovery failed: ${err instanceof Error ? err.message : "Unknown error"}`
+      });
+    }
+  }
   const meta = PROVIDERS[normalized.id];
   const baseURL = normalized.baseUrl || meta?.defaultBaseUrl || "https://api.openai.com/v1";
   const client = new OpenAI({
@@ -8528,10 +9157,19 @@ function createProvider(config) {
       normalized.reasoningEffort
     );
   }
+  if (normalized.id === "openai_codex") {
+    const tokens = readStoredCodexTokens();
+    if (!tokens) {
+      throw new Error(
+        "OpenAI Codex requires authentication. Open settings to connect your ChatGPT account."
+      );
+    }
+    return new CodexProvider(tokens, normalized.model, normalized.baseUrl);
+  }
   return new OpenAICompatProvider(normalized);
 }
 const require$1 = node_module.createRequire(require("url").pathToFileURL(__filename).href);
-const logger$d = createLogger("DevTrace");
+const logger$e = createLogger("DevTrace");
 let cachedFactory;
 function createNoopTraceSession() {
   return {
@@ -8564,7 +9202,7 @@ function loadLocalFactory() {
         return cachedFactory;
       }
     } catch (err) {
-      logger$d.warn("Failed to load local trace logger:", err);
+      logger$e.warn("Failed to load local trace logger:", err);
     }
   }
   return cachedFactory;
@@ -8617,14 +9255,14 @@ function normalizeStoredRadioOption(option) {
 function dedupeCandidates(actions) {
   const seen = /* @__PURE__ */ new Set();
   return actions.filter((action) => {
-    const key = [
+    const key2 = [
       action.selector || "",
       action.label || "",
       action.role || "",
       action.labelSource || ""
     ].join("::");
-    if (seen.has(key)) return false;
-    seen.add(key);
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   });
 }
@@ -8869,11 +9507,11 @@ function getQuantityElements(page) {
   ];
   return elements.filter((el) => {
     if (!isQuantityLike(el)) return false;
-    const key = String(
+    const key2 = String(
       el.index ?? el.selector ?? `${el.type}|${el.name || ""}|${el.label || ""}|${el.value || ""}`
     );
-    if (seen.has(key)) return false;
-    seen.add(key);
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   });
 }
@@ -8915,9 +9553,9 @@ function getCartItemLinks(page) {
       return false;
     }
     if (blockedText.test(text) || blockedHref.test(href)) return false;
-    const key = `${normalizeComparable(text)}|${normalizeUrlForMatch(href) || href}`;
-    if (seen.has(key)) return false;
-    seen.add(key);
+    const key2 = `${normalizeComparable(text)}|${normalizeUrlForMatch(href) || href}`;
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   }).slice(0, 12);
 }
@@ -9018,11 +9656,11 @@ function getPurchaseActionElements(page, options) {
     if (!isPurchaseActionElement(el)) return false;
     if (visibleOnly && !isVisibleToUser(el)) return false;
     if (el.blockedByOverlay) return false;
-    const key = String(
+    const key2 = String(
       el.index ?? el.selector ?? `${el.type}|${el.text || ""}|${el.label || ""}|${el.href || ""}`
     );
-    if (seen.has(key)) return false;
-    seen.add(key);
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   }).sort((a, b) => {
     const delta = purchaseActionPriority(a) - purchaseActionPriority(b);
@@ -9039,10 +9677,10 @@ function getOffscreenPurchaseActionElements(page) {
     )
   );
   return getPurchaseActionElements(page, { visibleOnly: false }).filter((el) => {
-    const key = String(
+    const key2 = String(
       el.index ?? el.selector ?? `${el.type}|${el.text || ""}|${el.label || ""}|${el.href || ""}`
     );
-    return !visibleKeys.has(key) && el.visible !== false;
+    return !visibleKeys.has(key2) && el.visible !== false;
   });
 }
 function getDialogFocusedElements(page) {
@@ -9308,7 +9946,7 @@ function formatStructuredValue(value, depth = 0) {
     const rendered = value.map((item) => formatStructuredValue(item, depth + 1)).filter(Boolean).slice(0, depth === 0 ? 8 : 5);
     return rendered.join(depth === 0 ? ", " : " | ");
   }
-  const entries = Object.entries(value).slice(0, 6).map(([key, entry]) => `${key}: ${formatStructuredValue(entry, depth + 1)}`).filter((entry) => !entry.endsWith(": "));
+  const entries = Object.entries(value).slice(0, 6).map(([key2, entry]) => `${key2}: ${formatStructuredValue(entry, depth + 1)}`).filter((entry) => !entry.endsWith(": "));
   return entries.join(", ");
 }
 function formatStructuredEntities(entities) {
@@ -9323,13 +9961,13 @@ function formatStructuredEntities(entities) {
     if (entity.url && entity.url !== entity.name) {
       lines.push(`  url: ${entity.url}`);
     }
-    for (const [key, value] of Object.entries(entity.attributes).slice(
+    for (const [key2, value] of Object.entries(entity.attributes).slice(
       0,
       8
     )) {
       const rendered = formatStructuredValue(value);
       if (rendered) {
-        lines.push(`  ${key}: ${rendered}`);
+        lines.push(`  ${key2}: ${rendered}`);
       }
     }
     return lines.join("\n");
@@ -9427,17 +10065,17 @@ function formatJsonLd(items) {
       }
       return String(val);
     };
-    for (const key of priorityFields) {
-      if (key in item) {
-        seen.add(key);
-        const rendered = renderValue(item[key]);
-        if (rendered) lines.push(`  ${key}: ${rendered}`);
+    for (const key2 of priorityFields) {
+      if (key2 in item) {
+        seen.add(key2);
+        const rendered = renderValue(item[key2]);
+        if (rendered) lines.push(`  ${key2}: ${rendered}`);
       }
     }
-    for (const [key, val] of Object.entries(item)) {
-      if (seen.has(key) || SKIP.has(key) || key === "@type") continue;
+    for (const [key2, val] of Object.entries(item)) {
+      if (seen.has(key2) || SKIP.has(key2) || key2 === "@type") continue;
       const rendered = renderValue(val);
-      if (rendered) lines.push(`  ${key}: ${rendered}`);
+      if (rendered) lines.push(`  ${key2}: ${rendered}`);
     }
     lines.push("");
   }
@@ -9572,9 +10210,9 @@ function getResultCandidates(page) {
   );
   const seen = /* @__PURE__ */ new Set();
   return scored.map(({ element }) => element).filter((element) => {
-    const key = `${normalizeComparable(element.text || "")}|${normalizeUrlForMatch(element.href) || ""}`;
-    if (seen.has(key)) return false;
-    seen.add(key);
+    const key2 = `${normalizeComparable(element.text || "")}|${normalizeUrlForMatch(element.href) || ""}`;
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   });
 }
@@ -10371,9 +11009,9 @@ function getCompactPrimaryResultLinks(page, options) {
   })).filter(({ score }) => score >= (listingLike ? 5 : 7)).sort(
     (a, b) => b.score - a.score || (a.element.index ?? Number.MAX_SAFE_INTEGER) - (b.element.index ?? Number.MAX_SAFE_INTEGER)
   ).map(({ element }) => element).filter((element) => {
-    const key = `${normalizeComparable(element.text)}|${normalizeUrlForMatch(element.href) || ""}`;
-    if (seen.has(key)) return false;
-    seen.add(key);
+    const key2 = `${normalizeComparable(element.text)}|${normalizeUrlForMatch(element.href) || ""}`;
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   }).slice(0, max);
 }
@@ -10419,9 +11057,9 @@ function formatElement(element) {
 function uniqueElements(elements) {
   const seen = /* @__PURE__ */ new Set();
   return elements.filter((element) => {
-    const key = `${element.index ?? ""}|${element.type}|${elementLabel(element)}|${element.href ?? ""}`;
-    if (seen.has(key)) return false;
-    seen.add(key);
+    const key2 = `${element.index ?? ""}|${element.type}|${elementLabel(element)}|${element.href ?? ""}`;
+    if (seen.has(key2)) return false;
+    seen.add(key2);
     return true;
   });
 }
@@ -11744,12 +12382,12 @@ function normalizeAgentHints(value) {
     return void 0;
   }
   const normalized = Object.fromEntries(
-    Object.entries(value).map(([key, hint]) => [key.trim(), normalizeOptionalString(hint)]).filter((entry) => Boolean(entry[0] && entry[1]))
+    Object.entries(value).map(([key2, hint]) => [key2.trim(), normalizeOptionalString(hint)]).filter((entry) => Boolean(entry[0] && entry[1]))
   );
   return Object.keys(normalized).length > 0 ? normalized : void 0;
 }
-function hasOwn(value, key) {
-  return Object.prototype.hasOwnProperty.call(value, key);
+function hasOwn(value, key2) {
+  return Object.prototype.hasOwnProperty.call(value, key2);
 }
 function normalizeBookmarkMetadata(input) {
   const normalized = {};
@@ -11787,7 +12425,7 @@ const UNSORTED_ID = "unsorted";
 const ARCHIVE_FOLDER_NAME = "Archive";
 const NETSCAPE_BOOKMARKS_DOCTYPE = "<!DOCTYPE NETSCAPE-Bookmark-file-1>";
 const SAVE_DEBOUNCE_MS$1 = 250;
-let state$1 = null;
+let state$2 = null;
 const listeners = /* @__PURE__ */ new Set();
 function cloneState(current) {
   return {
@@ -11802,18 +12440,18 @@ function createPersistence() {
   return createDebouncedJsonPersistence({
     debounceMs: SAVE_DEBOUNCE_MS$1,
     filePath: getBookmarksPath(),
-    getValue: () => state$1,
+    getValue: () => state$2,
     logLabel: "bookmarks"
   });
 }
-let persistence$1 = null;
+let persistence$3 = null;
 function getPersistence() {
-  persistence$1 ??= createPersistence();
-  return persistence$1;
+  persistence$3 ??= createPersistence();
+  return persistence$3;
 }
 function load$1() {
-  if (state$1) return state$1;
-  state$1 = loadJsonFile({
+  if (state$2) return state$2;
+  state$2 = loadJsonFile({
     filePath: getBookmarksPath(),
     fallback: { folders: [], bookmarks: [] },
     parse: (raw) => {
@@ -11824,21 +12462,21 @@ function load$1() {
       };
     }
   });
-  return state$1;
+  return state$2;
 }
-function save() {
+function save$1() {
   getPersistence().schedule();
 }
 function assignDefinedBookmarkFields(bookmark, fields) {
   if (!fields) return;
-  for (const [key, value] of Object.entries(fields)) {
+  for (const [key2, value] of Object.entries(fields)) {
     if (value === void 0) continue;
-    Object.assign(bookmark, { [key]: value });
+    Object.assign(bookmark, { [key2]: value });
   }
 }
-function emit() {
-  if (!state$1) return;
-  const snapshot = cloneState(state$1);
+function emit$2() {
+  if (!state$2) return;
+  const snapshot = cloneState(state$2);
   for (const listener of listeners) {
     listener(snapshot);
   }
@@ -11857,7 +12495,7 @@ function getBookmarkDescription(bookmark) {
     bookmark.intent ? `Intent: ${bookmark.intent}` : "",
     bookmark.expectedContent ? `Expected content: ${bookmark.expectedContent}` : "",
     bookmark.keyFields?.length ? `Key fields: ${bookmark.keyFields.join(", ")}` : "",
-    bookmark.agentHints && Object.keys(bookmark.agentHints).length > 0 ? `Agent hints: ${Object.entries(bookmark.agentHints).map(([key, value]) => `${key}: ${value}`).join("; ")}` : ""
+    bookmark.agentHints && Object.keys(bookmark.agentHints).length > 0 ? `Agent hints: ${Object.entries(bookmark.agentHints).map(([key2, value]) => `${key2}: ${value}`).join("; ")}` : ""
   ].filter(Boolean);
   return lines.join("\n");
 }
@@ -11960,28 +12598,28 @@ function subscribe(listener) {
   };
 }
 function clearAll() {
-  state$1 = { folders: [], bookmarks: [] };
-  save();
-  emit();
+  state$2 = { folders: [], bookmarks: [] };
+  save$1();
+  emit$2();
 }
 function getBookmark(id) {
   load$1();
-  const bookmark = state$1.bookmarks.find((item) => item.id === id);
+  const bookmark = state$2.bookmarks.find((item) => item.id === id);
   return bookmark ? { ...bookmark } : null;
 }
 function getBookmarkByUrl(url) {
   load$1();
   const normalized = url.trim();
   if (!normalized) return null;
-  const bookmark = [...state$1.bookmarks].reverse().find((item) => item.url === normalized);
+  const bookmark = [...state$2.bookmarks].reverse().find((item) => item.url === normalized);
   return bookmark ? { ...bookmark } : null;
 }
 function getBookmarkByUrlInFolder(url, folderId) {
   load$1();
   const normalizedUrl = url.trim();
   if (!normalizedUrl) return null;
-  const targetFolderId = folderId && folderId !== UNSORTED_ID ? state$1.folders.find((f) => f.id === folderId)?.id ?? UNSORTED_ID : UNSORTED_ID;
-  const bookmark = [...state$1.bookmarks].reverse().find(
+  const targetFolderId = folderId && folderId !== UNSORTED_ID ? state$2.folders.find((f) => f.id === folderId)?.id ?? UNSORTED_ID : UNSORTED_ID;
+  const bookmark = [...state$2.bookmarks].reverse().find(
     (item) => item.url === normalizedUrl && item.folderId === targetFolderId
   );
   return bookmark ? { ...bookmark } : null;
@@ -11989,14 +12627,14 @@ function getBookmarkByUrlInFolder(url, folderId) {
 function getFolder(id) {
   load$1();
   if (!id || id === UNSORTED_ID) return null;
-  const folder = state$1.folders.find((item) => item.id === id);
+  const folder = state$2.folders.find((item) => item.id === id);
   return folder ? { ...folder } : null;
 }
 function findFolderByName(name) {
   load$1();
   const normalized = name.trim().toLowerCase();
   if (!normalized || normalized === "unsorted") return null;
-  const folder = state$1.folders.find(
+  const folder = state$2.folders.find(
     (item) => item.name.trim().toLowerCase() === normalized
   );
   return folder ? { ...folder } : null;
@@ -12004,7 +12642,7 @@ function findFolderByName(name) {
 function listFolderOverviews() {
   load$1();
   const counts = /* @__PURE__ */ new Map();
-  for (const bookmark of state$1.bookmarks) {
+  for (const bookmark of state$2.bookmarks) {
     counts.set(bookmark.folderId, (counts.get(bookmark.folderId) ?? 0) + 1);
   }
   return [
@@ -12013,7 +12651,7 @@ function listFolderOverviews() {
       name: "Unsorted",
       count: counts.get(UNSORTED_ID) ?? 0
     },
-    ...state$1.folders.map((folder) => ({
+    ...state$2.folders.map((folder) => ({
       id: folder.id,
       name: folder.name,
       summary: folder.summary,
@@ -12024,8 +12662,8 @@ function listFolderOverviews() {
 function searchBookmarks(query) {
   load$1();
   if (!query.trim()) return [];
-  return state$1.bookmarks.map((bookmark) => {
-    const folder = state$1.folders.find(
+  return state$2.bookmarks.map((bookmark) => {
+    const folder = state$2.folders.find(
       (item) => item.id === bookmark.folderId
     );
     const { matchedFields, score } = getBookmarkSearchMatch({
@@ -12063,9 +12701,9 @@ function createFolderWithSummary(name, summary) {
     summary: summary?.trim() || void 0,
     createdAt: (/* @__PURE__ */ new Date()).toISOString()
   };
-  state$1.folders.push(folder);
-  save();
-  emit();
+  state$2.folders.push(folder);
+  save$1();
+  emit$2();
   return folder;
 }
 function ensureFolder(name, summary) {
@@ -12094,7 +12732,7 @@ function saveBookmarkWithPolicy(url, title, folderId, note, options) {
     throw new Error("Bookmark URL cannot be empty");
   }
   const normalizedTitle = title.trim() || normalizedUrl;
-  const targetId = folderId && folderId !== UNSORTED_ID ? state$1.folders.find((f) => f.id === folderId)?.id ?? UNSORTED_ID : UNSORTED_ID;
+  const targetId = folderId && folderId !== UNSORTED_ID ? state$2.folders.find((f) => f.id === folderId)?.id ?? UNSORTED_ID : UNSORTED_ID;
   const duplicatePolicy = options?.onDuplicate ?? "ask";
   const existing = getBookmarkByUrlInFolder(normalizedUrl, targetId);
   if (existing) {
@@ -12105,7 +12743,7 @@ function saveBookmarkWithPolicy(url, title, folderId, note, options) {
       };
     }
     if (duplicatePolicy === "update") {
-      const bookmark2 = state$1.bookmarks.find((item) => item.id === existing.id);
+      const bookmark2 = state$2.bookmarks.find((item) => item.id === existing.id);
       if (!bookmark2) {
         return {
           status: "conflict",
@@ -12118,8 +12756,8 @@ function saveBookmarkWithPolicy(url, title, folderId, note, options) {
       }
       assignDefinedBookmarkFields(bookmark2, options?.extra);
       bookmark2.savedAt = (/* @__PURE__ */ new Date()).toISOString();
-      save();
-      emit();
+      save$1();
+      emit$2();
       return {
         status: "updated",
         bookmark: { ...bookmark2 }
@@ -12135,9 +12773,9 @@ function saveBookmarkWithPolicy(url, title, folderId, note, options) {
     savedAt: (/* @__PURE__ */ new Date()).toISOString(),
     ...options?.extra
   };
-  state$1.bookmarks.push(bookmark);
-  save();
-  emit();
+  state$2.bookmarks.push(bookmark);
+  save$1();
+  emit$2();
   return {
     status: "created",
     bookmark
@@ -12145,18 +12783,18 @@ function saveBookmarkWithPolicy(url, title, folderId, note, options) {
 }
 function removeBookmark(id) {
   load$1();
-  const before = state$1.bookmarks.length;
-  state$1.bookmarks = state$1.bookmarks.filter((b) => b.id !== id);
-  if (state$1.bookmarks.length !== before) {
-    save();
-    emit();
+  const before = state$2.bookmarks.length;
+  state$2.bookmarks = state$2.bookmarks.filter((b) => b.id !== id);
+  if (state$2.bookmarks.length !== before) {
+    save$1();
+    emit$2();
     return true;
   }
   return false;
 }
 function updateBookmark(id, updates) {
   load$1();
-  const bookmark = state$1.bookmarks.find((item) => item.id === id);
+  const bookmark = state$2.bookmarks.find((item) => item.id === id);
   if (!bookmark) return null;
   const metadataUpdates = normalizeBookmarkMetadataUpdate({
     intent: updates.intent,
@@ -12173,7 +12811,7 @@ function updateBookmark(id, updates) {
     bookmark.note = trimmed || void 0;
   }
   if (typeof updates.folderId === "string") {
-    bookmark.folderId = updates.folderId && updates.folderId !== UNSORTED_ID ? state$1.folders.find((item) => item.id === updates.folderId)?.id ?? UNSORTED_ID : UNSORTED_ID;
+    bookmark.folderId = updates.folderId && updates.folderId !== UNSORTED_ID ? state$2.folders.find((item) => item.id === updates.folderId)?.id ?? UNSORTED_ID : UNSORTED_ID;
   }
   if ("intent" in metadataUpdates) {
     bookmark.intent = metadataUpdates.intent;
@@ -12190,36 +12828,36 @@ function updateBookmark(id, updates) {
   if ("agentHints" in metadataUpdates) {
     bookmark.agentHints = metadataUpdates.agentHints;
   }
-  save();
-  emit();
+  save$1();
+  emit$2();
   return { ...bookmark };
 }
 function removeFolder(id, deleteContents = false) {
   load$1();
-  const exists = state$1.folders.some((f) => f.id === id);
+  const exists = state$2.folders.some((f) => f.id === id);
   if (!exists) return false;
   if (deleteContents) {
-    state$1.bookmarks = state$1.bookmarks.filter((b) => b.folderId !== id);
+    state$2.bookmarks = state$2.bookmarks.filter((b) => b.folderId !== id);
   } else {
-    state$1.bookmarks = state$1.bookmarks.map(
+    state$2.bookmarks = state$2.bookmarks.map(
       (b) => b.folderId === id ? { ...b, folderId: UNSORTED_ID } : b
     );
   }
-  state$1.folders = state$1.folders.filter((f) => f.id !== id);
-  save();
-  emit();
+  state$2.folders = state$2.folders.filter((f) => f.id !== id);
+  save$1();
+  emit$2();
   return true;
 }
 function renameFolder(id, newName, summary) {
   load$1();
-  const folder = state$1.folders.find((f) => f.id === id);
+  const folder = state$2.folders.find((f) => f.id === id);
   if (!folder) return null;
   const trimmed = newName.trim();
   if (!trimmed) return null;
   folder.name = trimmed;
   folder.summary = summary?.trim() || void 0;
-  save();
-  emit();
+  save$1();
+  emit$2();
   return { ...folder };
 }
 function flushPersist$1() {
@@ -12230,7 +12868,7 @@ function importBookmarksFromHtml(content) {
   let skipped = 0;
   let errors = 0;
   load$1();
-  const existingUrls = new Set(state$1.bookmarks.map((b) => b.url));
+  const existingUrls = new Set(state$2.bookmarks.map((b) => b.url));
   let currentFolderId = UNSORTED_ID;
   let currentFolderName = "Imported";
   const lines = content.split("\n");
@@ -12239,7 +12877,7 @@ function importBookmarksFromHtml(content) {
     const folderMatch = line.match(/<DT><H3[^>]*>([^<]+)<\/H3>/i);
     if (folderMatch) {
       currentFolderName = folderMatch[1].trim();
-      const existing = state$1.folders.find(
+      const existing = state$2.folders.find(
         (f) => f.name.toLowerCase() === currentFolderName.toLowerCase()
       );
       if (existing) {
@@ -12250,7 +12888,7 @@ function importBookmarksFromHtml(content) {
           name: currentFolderName,
           createdAt: (/* @__PURE__ */ new Date()).toISOString()
         };
-        state$1.folders.push(folder);
+        state$2.folders.push(folder);
         currentFolderId = folder.id;
       }
       continue;
@@ -12271,7 +12909,7 @@ function importBookmarksFromHtml(content) {
         else errors++;
         continue;
       }
-      state$1.bookmarks.push({
+      state$2.bookmarks.push({
         id: crypto$1.randomUUID(),
         url,
         title,
@@ -12283,8 +12921,8 @@ function importBookmarksFromHtml(content) {
     }
   }
   if (imported > 0) {
-    save();
-    emit();
+    save$1();
+    emit$2();
   }
   return { imported, skipped, errors };
 }
@@ -12297,14 +12935,14 @@ function importBookmarksFromJson(content) {
     const incomingFolders = Array.isArray(parsed?.folders) ? parsed.folders : [];
     const incomingBookmarks = Array.isArray(parsed?.bookmarks) ? parsed.bookmarks : [];
     load$1();
-    const existingUrls = new Set(state$1.bookmarks.map((b) => b.url));
+    const existingUrls = new Set(state$2.bookmarks.map((b) => b.url));
     const folderIdMap = /* @__PURE__ */ new Map();
     for (const folder of incomingFolders) {
       if (!folder?.id || !folder?.name) {
         errors++;
         continue;
       }
-      const existing = state$1.folders.find(
+      const existing = state$2.folders.find(
         (f) => f.name.toLowerCase() === folder.name.toLowerCase()
       );
       if (existing) {
@@ -12316,7 +12954,7 @@ function importBookmarksFromJson(content) {
           summary: folder.summary?.trim() || void 0,
           createdAt: folder.createdAt || (/* @__PURE__ */ new Date()).toISOString()
         };
-        state$1.folders.push(newFolder);
+        state$2.folders.push(newFolder);
         folderIdMap.set(folder.id, newFolder.id);
       }
     }
@@ -12330,7 +12968,7 @@ function importBookmarksFromJson(content) {
         continue;
       }
       const mappedFolderId = bookmark.folderId ? folderIdMap.get(bookmark.folderId) ?? UNSORTED_ID : UNSORTED_ID;
-      state$1.bookmarks.push({
+      state$2.bookmarks.push({
         id: crypto$1.randomUUID(),
         url: bookmark.url.trim(),
         title: typeof bookmark.title === "string" ? bookmark.title.trim() : bookmark.url,
@@ -12342,8 +12980,8 @@ function importBookmarksFromJson(content) {
       imported++;
     }
     if (imported > 0 || errors > 0) {
-      save();
-      emit();
+      save$1();
+      emit$2();
     }
   } catch {
     errors++;
@@ -12387,9 +13025,9 @@ async function captureLiveHighlightSnapshot(wc, savedHighlights = []) {
       text: normalizeText(highlight.text),
       color: highlight.color?.trim() || void 0
     })).filter((highlight) => highlight.text.length > 0).filter((highlight) => {
-      const key = `${highlight.text}\0${highlight.color ?? ""}`;
-      if (seen.has(key)) return false;
-      seen.add(key);
+      const key2 = `${highlight.text}\0${highlight.color ?? ""}`;
+      if (seen.has(key2)) return false;
+      seen.add(key2);
       return true;
     }).map((highlight) => ({
       ...highlight,
@@ -12683,7 +13321,7 @@ function formatDeadLinkMessage(label, result) {
   const status = result.statusCode ? `HTTP ${result.statusCode}` : "dead link";
   return `Skipped stale link "${label}" because ${destination} returned ${status}. Try a different link or URL instead.`;
 }
-const logger$c = createLogger("Screenshot");
+const logger$d = createLogger("Screenshot");
 const SCREENSHOT_RETRY_COUNT = 3;
 const SCREENSHOT_RETRY_BASE_DELAY_MS = 120;
 async function captureScreenshot(wc) {
@@ -12705,7 +13343,7 @@ async function captureScreenshot(wc) {
         }
       }
     } catch (err) {
-      logger$c.debug(
+      logger$d.debug(
         `capturePage attempt ${attempt + 1} failed; retrying if attempts remain.`,
         getErrorMessage(err)
       );
@@ -12738,17 +13376,17 @@ function sessionFileName(name) {
 function getSessionPath(name) {
   return path$1.join(ensureSessionsDir(), sessionFileName(name));
 }
-function writeSessionFile(filePath, data) {
+function writeSessionFile(filePath2, data) {
   fs$1.writeFileSync(
-    filePath,
+    filePath2,
     JSON.stringify({ version: SESSION_VERSION, ...data }, null, 2),
     { encoding: "utf-8", mode: 384 }
   );
-  fs$1.chmodSync(filePath, 384);
+  fs$1.chmodSync(filePath2, 384);
 }
-function readSessionFile(filePath) {
+function readSessionFile(filePath2) {
   try {
-    const raw = fs$1.readFileSync(filePath, "utf-8");
+    const raw = fs$1.readFileSync(filePath2, "utf-8");
     const parsed = JSON.parse(raw);
     if (!parsed || typeof parsed.name !== "string") {
       return null;
@@ -12969,9 +13607,9 @@ async function loadNamedSession(tabManager, name) {
   };
 }
 function deleteNamedSession(name) {
-  const filePath = getSessionPath(name);
-  if (!fs$1.existsSync(filePath)) return false;
-  fs$1.unlinkSync(filePath);
+  const filePath2 = getSessionPath(name);
+  if (!fs$1.existsSync(filePath2)) return false;
+  fs$1.unlinkSync(filePath2);
   return true;
 }
 function isInvalidTextTargetQuery(rawQuery) {
@@ -13579,7 +14217,7 @@ function buildHuggingFaceSearchShortcut(currentUrl, rawQuery) {
     appliedFilters
   };
 }
-const logger$b = createLogger("PageActions");
+const logger$c = createLogger("PageActions");
 function getBookmarkMetadataFromArgs(args) {
   return normalizeBookmarkMetadata({
     intent: args.intent ?? args.intent,
@@ -13765,7 +14403,7 @@ async function executePageScript(wc, script, options) {
     return result;
   } catch (err) {
     const label = options?.label ? ` (${options.label})` : "";
-    logger$b.warn(`Failed to execute page script${label}:`, err);
+    logger$c.warn(`Failed to execute page script${label}:`, err);
     return null;
   } finally {
     if (timer) {
@@ -13866,7 +14504,7 @@ Search results snapshot:
 ${truncated}`;
     }
   } catch (err) {
-    logger$b.warn("Failed to build post-search summary, falling back to nav summary:", err);
+    logger$c.warn("Failed to build post-search summary, falling back to nav summary:", err);
   }
   const fallback = await getPostNavSummary(wc);
   return fallback ? `${fallback}
@@ -13889,7 +14527,7 @@ Page snapshot after navigation:
 ${truncated}`;
     }
   } catch (err) {
-    logger$b.warn("Failed to build post-click navigation summary:", err);
+    logger$c.warn("Failed to build post-click navigation summary:", err);
   }
   return "";
 }
@@ -14383,7 +15021,7 @@ async function restoreLocaleSnapshot(wc, snapshot) {
       }
     }
   } catch (err) {
-    logger$b.warn("Failed to restore locale via history navigation, trying URL reload fallback:", err);
+    logger$c.warn("Failed to restore locale via history navigation, trying URL reload fallback:", err);
   }
   if (snapshot.url && snapshot.url !== wc.getURL()) {
     try {
@@ -14392,7 +15030,7 @@ async function restoreLocaleSnapshot(wc, snapshot) {
       await waitForLoad(wc, 3e3);
       return;
     } catch (err) {
-      logger$b.warn("Failed to restore locale via safe URL load, trying page reload fallback:", err);
+      logger$c.warn("Failed to restore locale via safe URL load, trying page reload fallback:", err);
     }
   }
   if (snapshot.url) {
@@ -14400,7 +15038,7 @@ async function restoreLocaleSnapshot(wc, snapshot) {
       await wc.reload();
       await waitForLoad(wc, 3e3);
     } catch (err) {
-      logger$b.warn("Failed to restore locale via page reload:", err);
+      logger$c.warn("Failed to restore locale via page reload:", err);
     }
   }
 }
@@ -14428,9 +15066,9 @@ function isAddToCartText(text) {
 }
 function recordCartClick(url, text) {
   recentCartClicks.set(url, { text, ts: Date.now() });
-  for (const [key, entry] of recentCartClicks) {
+  for (const [key2, entry] of recentCartClicks) {
     if (Date.now() - entry.ts > CART_CLICK_COOLDOWN_MS) {
-      recentCartClicks.delete(key);
+      recentCartClicks.delete(key2);
     }
   }
 }
@@ -14477,9 +15115,9 @@ function normalizeCartProductKey(url) {
   }
 }
 function pruneCartAddedProducts(now = Date.now()) {
-  for (const [key, entry] of cartAddedProducts) {
+  for (const [key2, entry] of cartAddedProducts) {
     if (now - entry.ts > CART_ADDED_TTL_MS) {
-      cartAddedProducts.delete(key);
+      cartAddedProducts.delete(key2);
     }
   }
 }
@@ -14505,7 +15143,7 @@ function isProductAlreadyInCart(url) {
 function getCartAddedSummary(url) {
   pruneCartAddedProducts();
   const origin = cartOrigin(url);
-  const items = Array.from(cartAddedProducts.entries()).filter(([key]) => !origin || key.startsWith(`${origin}/`)).map(([_path, info]) => `- ${info.title}`).join("\n");
+  const items = Array.from(cartAddedProducts.entries()).filter(([key2]) => !origin || key2.startsWith(`${origin}/`)).map(([_path, info]) => `- ${info.title}`).join("\n");
   if (!items) return "";
   const count = items.split("\n").length;
   return `
@@ -14752,7 +15390,7 @@ ${postActivationOverlayHint}`;
           return `${clickText} -> ${hrefFallbackUrl} (recovered via href fallback)`;
         }
       } catch (err) {
-        logger$b.warn("Failed href fallback after click, returning generic click result:", err);
+        logger$c.warn("Failed href fallback after click, returning generic click result:", err);
       }
     }
   }
@@ -14797,7 +15435,7 @@ async function tryAutoDismissCartDialog(wc) {
       return result;
     }
   } catch (err) {
-    logger$b.warn("Failed to auto-dismiss cart dialog, falling back to dialog actions:", err);
+    logger$c.warn("Failed to auto-dismiss cart dialog, falling back to dialog actions:", err);
   }
   return null;
 }
@@ -16161,8 +16799,8 @@ async function submitForm(wc, args) {
   }
   return "Submitted form";
 }
-async function pressKeyDirect(wc, key, index, selector) {
-  return pressKey(wc, { key, index, selector });
+async function pressKeyDirect(wc, key2, index, selector) {
+  return pressKey(wc, { key: key2, index, selector });
 }
 async function submitFormDirect(wc, index, selector) {
   return submitForm(wc, { index, selector });
@@ -16528,8 +17166,8 @@ async function searchPage(wc, args) {
   return `Searched "${query}" (same page — results may have loaded dynamically)${await getPostSearchSummary(wc)}`;
 }
 async function pressKey(wc, args) {
-  const key = typeof args.key === "string" ? args.key.trim() : "";
-  if (!key) return "Error: No key provided";
+  const key2 = typeof args.key === "string" ? args.key.trim() : "";
+  if (!key2) return "Error: No key provided";
   const selector = await resolveSelector(wc, args.index, args.selector);
   const focusResult = await executePageScript(
     wc,
@@ -16567,16 +17205,16 @@ async function pressKey(wc, args) {
     return focusResult.error;
   }
   wc.focus();
-  const normalizedKey = key.length === 1 ? key : key[0].toUpperCase() + key.slice(1);
+  const normalizedKey = key2.length === 1 ? key2 : key2[0].toUpperCase() + key2.slice(1);
   const electronKeyCode = normalizedKey === "Enter" ? "Return" : normalizedKey === "ArrowUp" ? "Up" : normalizedKey === "ArrowDown" ? "Down" : normalizedKey === "ArrowLeft" ? "Left" : normalizedKey === "ArrowRight" ? "Right" : normalizedKey;
   wc.sendInputEvent({ type: "keyDown", keyCode: electronKeyCode });
-  if (key.length === 1) {
-    wc.sendInputEvent({ type: "char", keyCode: key });
+  if (key2.length === 1) {
+    wc.sendInputEvent({ type: "char", keyCode: key2 });
   }
   await sleep(16);
   wc.sendInputEvent({ type: "keyUp", keyCode: electronKeyCode });
   const label = "label" in focusResult && typeof focusResult.label === "string" ? focusResult.label : null;
-  return label ? `Pressed key: ${key} on ${label}` : `Pressed key: ${key}`;
+  return label ? `Pressed key: ${key2} on ${label}` : `Pressed key: ${key2}`;
 }
 async function getPostActionState$1(ctx, name) {
   const tab = ctx.tabManager.getActiveTab();
@@ -16986,8 +17624,8 @@ async function executeAction(name, args, ctx) {
           if (!wc) return "Error: No active tab";
           const beforeUrl = wc.getURL();
           const result2 = await pressKey(wc, args);
-          const key = typeof args.key === "string" ? args.key.trim() : "";
-          if (key === "Enter") {
+          const key2 = typeof args.key === "string" ? args.key.trim() : "";
+          if (key2 === "Enter") {
             await waitForPotentialNavigation(wc, beforeUrl, 3e3);
             const afterUrl = wc.getURL();
             if (afterUrl !== beforeUrl) {
@@ -17067,7 +17705,7 @@ async function executeAction(name, args, ctx) {
               )
             ]);
           } catch (err) {
-            logger$b.warn("Failed to extract content for read_page, falling back to lighter recovery:", err);
+            logger$c.warn("Failed to extract content for read_page, falling back to lighter recovery:", err);
             content = null;
           }
           if (!content || content.content.length === 0) {
@@ -17084,12 +17722,12 @@ async function executeAction(name, args, ctx) {
                     new Promise((resolve) => setTimeout(() => resolve(null), 3e3))
                   ]);
                 } catch (err) {
-                  logger$b.warn("Failed to re-extract content after iframe consent dismissal:", err);
+                  logger$c.warn("Failed to re-extract content after iframe consent dismissal:", err);
                   content = null;
                 }
               }
             } catch (err) {
-              logger$b.warn("Failed iframe consent dismissal during read_page recovery:", err);
+              logger$c.warn("Failed iframe consent dismissal during read_page recovery:", err);
             }
           }
           if (content && content.content.length > 0) {
@@ -17502,7 +18140,7 @@ ${flow.steps.map((s, i) => `  ${i === 0 ? "→" : " "} ${s.label}`).join("\n")}`
           try {
             page = await extractContent(wc);
           } catch (err) {
-            logger$b.warn("Failed to extract content for suggest:", err);
+            logger$c.warn("Failed to extract content for suggest:", err);
             return "Could not read page. Try navigate to a working URL.";
           }
           const suggestions = [];
@@ -18092,17 +18730,17 @@ function escapeYaml(value) {
 }
 function renderFrontmatter(data) {
   const lines = ["---"];
-  for (const [key, value] of Object.entries(data)) {
+  for (const [key2, value] of Object.entries(data)) {
     if (value == null) continue;
     if (Array.isArray(value)) {
       if (value.length === 0) continue;
-      lines.push(`${key}:`);
+      lines.push(`${key2}:`);
       for (const item of value) {
         lines.push(`  - ${escapeYaml(item)}`);
       }
       continue;
     }
-    lines.push(`${key}: ${escapeYaml(value)}`);
+    lines.push(`${key2}: ${escapeYaml(value)}`);
   }
   lines.push("---", "");
   return lines.join("\n");
@@ -18155,11 +18793,11 @@ function parseFrontmatter(content) {
     activeArrayKey = "";
     const separatorIndex = trimmed.indexOf(":");
     if (separatorIndex === -1) continue;
-    const key = trimmed.slice(0, separatorIndex).trim();
+    const key2 = trimmed.slice(0, separatorIndex).trim();
     const value = trimmed.slice(separatorIndex + 1).trim();
-    if (key === "title" && value) {
+    if (key2 === "title" && value) {
       result.title = value.replace(/^["']|["']$/g, "");
-    } else if (key === "tags") {
+    } else if (key2 === "tags") {
       activeArrayKey = "tags";
       if (value.startsWith("[") && value.endsWith("]")) {
         const inline = value.slice(1, -1).split(",").map((item) => item.trim().replace(/^["']|["']$/g, "")).filter(Boolean);
@@ -18745,15 +19383,15 @@ Exception: ${result.exceptionDetails}`);
         value: zod.z.string().nullable().describe("Value to set, or null to remove the key")
       }
     },
-    async ({ type, key, value }) => {
+    async ({ type, key: key2, value }) => {
       return withDevToolsAction(
         runtime2,
         tabManager,
         "devtools_set_storage",
-        { type, key, value: value ? value.slice(0, 100) : null },
+        { type, key: key2, value: value ? value.slice(0, 100) : null },
         async () => {
           const session = getOrCreateSession(tabManager);
-          return session.setStorage(type, key, value);
+          return session.setStorage(type, key2, value);
         }
       );
     }
@@ -18827,7 +19465,7 @@ Exception: ${result.exceptionDetails}`);
     }
   );
 }
-const logger$a = createLogger("VaultShared");
+const logger$b = createLogger("VaultShared");
 const ALGORITHM = "aes-256-gcm";
 const IV_LENGTH = 12;
 const AUTH_TAG_LENGTH = 16;
@@ -18845,11 +19483,11 @@ function getOrCreateEncryptionKey(keyFilename) {
     const encryptedKey = fs$1.readFileSync(keyPath);
     return Buffer.from(electron.safeStorage.decryptString(encryptedKey), "utf-8");
   }
-  const key = crypto$2.randomBytes(32);
+  const key2 = crypto$2.randomBytes(32);
   fs$1.mkdirSync(path$1.dirname(keyPath), { recursive: true });
-  const encrypted = electron.safeStorage.encryptString(key.toString("utf-8"));
+  const encrypted = electron.safeStorage.encryptString(key2.toString("utf-8"));
   fs$1.writeFileSync(keyPath, encrypted, { mode: 384 });
-  return key;
+  return key2;
 }
 function createEncryptDecrypt(keyFilename) {
   let cachedKey = null;
@@ -18858,9 +19496,9 @@ function createEncryptDecrypt(keyFilename) {
     return cachedKey;
   }
   function encrypt2(plaintext) {
-    const key = getKey();
+    const key2 = getKey();
     const iv = crypto$2.randomBytes(IV_LENGTH);
-    const cipher = crypto$2.createCipheriv(ALGORITHM, key, iv, {
+    const cipher = crypto$2.createCipheriv(ALGORITHM, key2, iv, {
       authTagLength: AUTH_TAG_LENGTH
     });
     const encrypted = Buffer.concat([
@@ -18871,11 +19509,11 @@ function createEncryptDecrypt(keyFilename) {
     return Buffer.concat([iv, authTag, encrypted]);
   }
   function decrypt2(data) {
-    const key = getKey();
+    const key2 = getKey();
     const iv = data.subarray(0, IV_LENGTH);
     const authTag = data.subarray(IV_LENGTH, IV_LENGTH + AUTH_TAG_LENGTH);
     const ciphertext = data.subarray(IV_LENGTH + AUTH_TAG_LENGTH);
-    const decipher = crypto$2.createDecipheriv(ALGORITHM, key, iv, {
+    const decipher = crypto$2.createDecipheriv(ALGORITHM, key2, iv, {
       authTagLength: AUTH_TAG_LENGTH
     });
     decipher.setAuthTag(authTag);
@@ -18904,7 +19542,7 @@ function createVaultIO(vaultFilename, encrypt2, decrypt2) {
       cachedEntries = JSON.parse(json);
       return cachedEntries;
     } catch (err) {
-      logger$a.error("Failed to load vault:", err);
+      logger$b.error("Failed to load vault:", err);
       throw new Error("Could not unlock the vault. Check OS secret storage availability.");
     }
   }
@@ -18973,7 +19611,7 @@ function createAuditLog(filename, maxEntries) {
       } catch {
       }
     } catch (err) {
-      logger$a.error("Failed to write audit log:", err);
+      logger$b.error("Failed to write audit log:", err);
     }
   }
   function readAuditLog2(limit = 100) {
@@ -18983,7 +19621,7 @@ function createAuditLog(filename, maxEntries) {
       const lines = fs$1.readFileSync(auditPath, "utf-8").split("\n").filter((l) => l.trim());
       return lines.slice(-Math.min(limit, maxEntries)).map((line) => JSON.parse(line)).reverse();
     } catch (err) {
-      logger$a.error("Failed to read audit log:", err);
+      logger$b.error("Failed to read audit log:", err);
       return [];
     }
   }
@@ -19091,7 +19729,7 @@ async function requestConsent(request) {
 }
 const AUDIT_FILENAME = "vessel-vault-audit.jsonl";
 const MAX_ENTRIES = 1e3;
-const logger$9 = createLogger("VaultAudit");
+const logger$a = createLogger("VaultAudit");
 function getAuditPath() {
   return path$1.join(electron.app.getPath("userData"), AUDIT_FILENAME);
 }
@@ -19101,7 +19739,7 @@ function appendAuditEntry(entry) {
     fs$1.mkdirSync(path$1.dirname(auditPath), { recursive: true });
     fs$1.appendFileSync(auditPath, JSON.stringify(entry) + "\n");
   } catch (err) {
-    logger$9.error("Failed to write audit log:", err);
+    logger$a.error("Failed to write audit log:", err);
   }
 }
 function readAuditLog$1(limit = 100) {
@@ -19111,7 +19749,7 @@ function readAuditLog$1(limit = 100) {
     const lines = fs$1.readFileSync(auditPath, "utf-8").split("\n").filter((l) => l.trim());
     return lines.slice(-Math.min(limit, MAX_ENTRIES)).map((line) => JSON.parse(line)).reverse();
   } catch (err) {
-    logger$9.error("Failed to read audit log:", err);
+    logger$a.error("Failed to read audit log:", err);
     return [];
   }
 }
@@ -19284,7 +19922,7 @@ async function requestHumanVaultConsent(request) {
 }
 let httpServer = null;
 let mcpAuthToken = null;
-const logger$8 = createLogger("MCP");
+const logger$9 = createLogger("MCP");
 const MCP_AUTH_FILENAME = "mcp-auth.json";
 function getMcpAuthFilePath() {
   const configDir = process.env.VESSEL_CONFIG_DIR || path$1.join(
@@ -19312,15 +19950,15 @@ function getPersistentMcpAuthToken() {
 }
 function writeMcpAuthFile(endpoint, token) {
   try {
-    const filePath = getMcpAuthFilePath();
-    fs$1.mkdirSync(path$1.dirname(filePath), { recursive: true });
+    const filePath2 = getMcpAuthFilePath();
+    fs$1.mkdirSync(path$1.dirname(filePath2), { recursive: true });
     fs$1.writeFileSync(
-      filePath,
+      filePath2,
       JSON.stringify({ endpoint, token, pid: process.pid }, null, 2) + "\n",
       { mode: 384 }
     );
   } catch (err) {
-    logger$8.warn("Failed to write auth file:", err);
+    logger$9.warn("Failed to write auth file:", err);
   }
 }
 function clearMcpAuthFile() {
@@ -19333,10 +19971,10 @@ function clearMcpAuthFile() {
     return;
   }
   try {
-    const filePath = getMcpAuthFilePath();
-    fs$1.mkdirSync(path$1.dirname(filePath), { recursive: true });
+    const filePath2 = getMcpAuthFilePath();
+    fs$1.mkdirSync(path$1.dirname(filePath2), { recursive: true });
     fs$1.writeFileSync(
-      filePath,
+      filePath2,
       JSON.stringify(
         { endpoint: "", token: existingToken, pid: null },
         null,
@@ -19345,7 +19983,7 @@ function clearMcpAuthFile() {
       { mode: 384 }
     );
   } catch (err) {
-    logger$8.warn("Failed to clear auth file:", err);
+    logger$9.warn("Failed to clear auth file:", err);
   }
 }
 function asTextResponse(text) {
@@ -19435,7 +20073,7 @@ async function getPostActionState(tabManager, name) {
         }
       }
     } catch (err) {
-      logger$8.warn("Failed to compute post-action state warning:", err);
+      logger$9.warn("Failed to compute post-action state warning:", err);
     }
     return `${warning}
 [state: url=${wc.getURL()}, canGoBack=${tab.canGoBack()}, canGoForward=${tab.canGoForward()}, loading=${wc.isLoading()}]`;
@@ -19537,7 +20175,7 @@ async function waitForConditionMcp(wc, text, selector, timeoutMs) {
         }
       })()
     `).catch((err) => {
-      logger$8.warn("Failed to gather wait_for timeout diagnostic:", err);
+      logger$9.warn("Failed to gather wait_for timeout diagnostic:", err);
       return null;
     });
     if (typeof diagnostic === "string" && diagnostic.trim()) {
@@ -19624,7 +20262,7 @@ function registerTools(server, tabManager, runtime2) {
           const page = await extractContent(wc);
           pageType = detectPageType(page);
         } catch (err) {
-          logger$8.warn("Failed to detect page type for tool scoring, falling back to GENERAL:", err);
+          logger$9.warn("Failed to detect page type for tool scoring, falling back to GENERAL:", err);
         }
       }
       const scored = TOOL_DEFINITIONS.map((def) => {
@@ -20352,19 +20990,19 @@ ${buildScopedContext(pageContent, mode)}`;
         selector: zod.z.string().optional().describe("CSS selector to focus first")
       }
     },
-    async ({ key, index, selector }) => {
+    async ({ key: key2, index, selector }) => {
       const tab = tabManager.getActiveTab();
       if (!tab) return asNoActiveTabResponse();
       return withAction(
         runtime2,
         tabManager,
         "press_key",
-        { key, index, selector },
+        { key: key2, index, selector },
         async () => {
           const wc = tab.view.webContents;
           const beforeUrl = wc.getURL();
-          const result = await pressKeyDirect(wc, key, index, selector);
-          if (key === "Enter") {
+          const result = await pressKeyDirect(wc, key2, index, selector);
+          if (key2 === "Enter") {
             await waitForPotentialNavigation$1(wc, beforeUrl, 3e3);
             const afterUrl = wc.getURL();
             if (afterUrl !== beforeUrl) {
@@ -20830,7 +21468,7 @@ To analyze visually, call vision_analyze with image_url="${screenshotPath}"`
         )
       }
     },
-    async ({ index, selector, text, label, durationMs, persist, color }) => {
+    async ({ index, selector, text, label, durationMs, persist: persist2, color }) => {
       const tab = tabManager.getActiveTab();
       if (!tab) return asNoActiveTabResponse();
       const normalizedText = normalizeLooseString(text);
@@ -20844,7 +21482,7 @@ To analyze visually, call vision_analyze with image_url="${screenshotPath}"`
           text: normalizedText,
           label,
           durationMs,
-          persist,
+          persist: persist2,
           color
         },
         async () => {
@@ -20858,7 +21496,7 @@ To analyze visually, call vision_analyze with image_url="${screenshotPath}"`
             durationMs,
             color
           );
-          if (persist && !durationMs && !result.startsWith("Error") && !result.includes("not found")) {
+          if (persist2 && !durationMs && !result.startsWith("Error") && !result.includes("not found")) {
             const url = normalizeUrl$1(wc.getURL());
             addHighlight(
               url,
@@ -21022,7 +21660,7 @@ ${JSON.stringify(otherHighlights, null, 2)}`
             void 0,
             h.color
           ).catch(
-            (err) => logger$8.warn("Failed to restore highlight after removal:", err)
+            (err) => logger$9.warn("Failed to restore highlight after removal:", err)
           );
         }
       }
@@ -21870,7 +22508,7 @@ ${flow.steps.map((s, i) => `  ${i === 0 ? "→" : " "} ${s.label}`).join("\n")}`
       try {
         page = await extractContent(wc);
       } catch (err) {
-        logger$8.warn("Failed to extract page while generating suggestions:", err);
+        logger$9.warn("Failed to extract page while generating suggestions:", err);
         return asTextResponse(
           "Could not read page. Try navigate to a working URL."
         );
@@ -22479,7 +23117,7 @@ ${JSON.stringify(tableJson, null, 2)}`;
         try {
           targetDomain = new URL(tab.state.url).hostname;
         } catch (err) {
-          logger$8.warn("Failed to parse active tab URL for vault_status:", err);
+          logger$9.warn("Failed to parse active tab URL for vault_status:", err);
           return asErrorTextResponse("Could not parse active tab URL");
         }
       }
@@ -22545,7 +23183,7 @@ Use vault_login to fill the login form. Credentials are filled directly — you
       try {
         hostname = new URL(tab.state.url).hostname;
       } catch (err) {
-        logger$8.warn("Failed to parse active tab URL for vault_login:", err);
+        logger$9.warn("Failed to parse active tab URL for vault_login:", err);
         return asErrorTextResponse("Could not parse active tab URL");
       }
       const matches = findEntriesForDomain(`https://${hostname}`);
@@ -22639,7 +23277,7 @@ Use vault_login to fill the login form. Credentials are filled directly — you
       try {
         hostname = new URL(tab.state.url).hostname;
       } catch (err) {
-        logger$8.warn("Failed to parse active tab URL for vault_totp:", err);
+        logger$9.warn("Failed to parse active tab URL for vault_totp:", err);
         return asErrorTextResponse("Could not parse active tab URL");
       }
       const matches = findEntriesForDomain(`https://${hostname}`);
@@ -22937,7 +23575,7 @@ function startMcpServer(tabManager, runtime2, port) {
   });
   mcpAuthToken = getPersistentMcpAuthToken();
   return new Promise((resolve) => {
-    const server = http.createServer(async (req, res) => {
+    const server = http$1.createServer(async (req, res) => {
       const url = new URL(req.url || "/", `http://localhost:${port}`);
       if (url.pathname !== "/mcp") {
         res.writeHead(404);
@@ -22979,7 +23617,7 @@ function startMcpServer(tabManager, runtime2, port) {
         await mcpServer.connect(transport);
         await transport.handleRequest(req, res);
       } catch (error) {
-        logger$8.error("Error handling request:", error);
+        logger$9.error("Error handling request:", error);
         if (!res.headersSent) {
           res.writeHead(500, { "Content-Type": "application/json" });
           res.end(
@@ -22998,7 +23636,7 @@ function startMcpServer(tabManager, runtime2, port) {
     };
     server.once("error", (error) => {
       const message = error.code === "EADDRINUSE" ? `Port ${port} is already in use. MCP server not started.` : error.message;
-      logger$8.error("Server error:", error);
+      logger$9.error("Server error:", error);
       clearMcpAuthFile();
       setMcpHealth({
         configuredPort: port,
@@ -23030,7 +23668,7 @@ function startMcpServer(tabManager, runtime2, port) {
         message: `MCP server listening on ${endpoint}.`
       });
       if (process.env.VESSEL_DEBUG_MCP === "1" || process.env.VESSEL_DEBUG_MCP === "true") {
-        logger$8.info(`Server listening on ${endpoint} (auth enabled)`);
+        logger$9.info(`Server listening on ${endpoint} (auth enabled)`);
       }
       if (mcpAuthToken) {
         writeMcpAuthFile(endpoint, mcpAuthToken);
@@ -23069,7 +23707,7 @@ function stopMcpServer() {
         message: "MCP server is stopped."
       });
       if (process.env.VESSEL_DEBUG_MCP === "1" || process.env.VESSEL_DEBUG_MCP === "true") {
-        logger$8.info("Server stopped");
+        logger$9.info("Server stopped");
       }
       resolve();
     });
@@ -23090,7 +23728,7 @@ const KIT_ID_UNSAFE_CHAR_PATTERN = /[\/\\\0]/;
 function isSafeAutomationKitId(id) {
   return id.length > 0 && !KIT_ID_UNSAFE_CHAR_PATTERN.test(id);
 }
-const logger$7 = createLogger("KitRegistry");
+const logger$8 = createLogger("KitRegistry");
 function getUserKitsDir() {
   return path$1.join(electron.app.getPath("userData"), "kits");
 }
@@ -23128,10 +23766,10 @@ function getInstalledKits() {
       if (isValidKit(parsed)) {
         kits.push(parsed);
       } else {
-        logger$7.warn(`Skipping invalid kit file: ${file}`);
+        logger$8.warn(`Skipping invalid kit file: ${file}`);
       }
     } catch (err) {
-      logger$7.warn(`Failed to read kit file: ${file}`, err);
+      logger$8.warn(`Failed to read kit file: ${file}`, err);
     }
   }
   return kits;
@@ -23203,7 +23841,7 @@ function uninstallKit(id, scheduledKitIds) {
     return errorResult("Failed to remove the kit file.");
   }
 }
-const logger$6 = createLogger("Scheduler");
+const logger$7 = createLogger("Scheduler");
 let jobs = [];
 let removeIdleListener = null;
 let broadcastFn = null;
@@ -23228,7 +23866,7 @@ function saveJobs() {
   try {
     fs$1.writeFileSync(getJobsPath(), JSON.stringify(jobs, null, 2), "utf-8");
   } catch (err) {
-    logger$6.warn("Failed to save jobs:", err);
+    logger$7.warn("Failed to save jobs:", err);
   }
 }
 function normalizeJob(job, now = /* @__PURE__ */ new Date()) {
@@ -23350,7 +23988,7 @@ async function fireJob(job, windowState, runtime2) {
   };
   startActivity();
   if (!settings2.chatProvider) {
-    logger$6.warn(`Job "${job.kitName}" skipped — no chat provider configured`);
+    logger$7.warn(`Job "${job.kitName}" skipped — no chat provider configured`);
     appendActivity(
       "Chat provider not configured. Open Settings (Ctrl+,) to choose a provider."
     );
@@ -23358,7 +23996,7 @@ async function fireJob(job, windowState, runtime2) {
     return;
   }
   if (process.env.VESSEL_DEBUG_SCHEDULER === "1" || process.env.VESSEL_DEBUG_SCHEDULER === "true") {
-    logger$6.info(`Firing scheduled job: ${job.kitName} (${job.id})`);
+    logger$7.info(`Firing scheduled job: ${job.kitName} (${job.id})`);
   }
   try {
     const provider = createProvider(settings2.chatProvider);
@@ -23411,7 +24049,7 @@ function tick(windowState, runtime2) {
     saveJobs();
     broadcastFn?.(Channels.SCHEDULE_JOBS_UPDATE, jobs);
     void fireJob(job, windowState, runtime2).catch((err) => {
-      logger$6.warn("Unexpected error firing job:", err);
+      logger$7.warn("Unexpected error firing job:", err);
     }).finally(fireNext);
   };
   fireNext();
@@ -23523,7 +24161,7 @@ const PROFILE_FIELDS = [
   "postalCode",
   "country"
 ];
-let state = null;
+let state$1 = null;
 function getFilePath() {
   return path.join(electron.app.getPath("userData"), "vessel-autofill.json");
 }
@@ -23548,8 +24186,8 @@ function normalizeStoredProfile(value) {
   return profile;
 }
 function load() {
-  if (state) return state;
-  state = loadJsonFile({
+  if (state$1) return state$1;
+  state$1 = loadJsonFile({
     filePath: getFilePath(),
     fallback: getDefaultState(),
     secure: true,
@@ -23560,12 +24198,12 @@ function load() {
       };
     }
   });
-  return state;
+  return state$1;
 }
-const persistence = createDebouncedJsonPersistence({
+const persistence$2 = createDebouncedJsonPersistence({
   debounceMs: SAVE_DEBOUNCE_MS,
   filePath: getFilePath(),
-  getValue: () => state,
+  getValue: () => state$1,
   logLabel: "autofill",
   secure: true
 });
@@ -23585,7 +24223,7 @@ function addProfile(input) {
     updatedAt: now
   };
   s.profiles.push(profile);
-  persistence.schedule();
+  persistence$2.schedule();
   return profile;
 }
 function updateProfile(id, updates) {
@@ -23597,7 +24235,7 @@ function updateProfile(id, updates) {
     ...updates,
     updatedAt: (/* @__PURE__ */ new Date()).toISOString()
   };
-  persistence.schedule();
+  persistence$2.schedule();
   return s.profiles[idx];
 }
 function deleteProfile(id) {
@@ -23605,11 +24243,11 @@ function deleteProfile(id) {
   const len = s.profiles.length;
   s.profiles = s.profiles.filter((p) => p.id !== id);
   if (s.profiles.length === len) return false;
-  persistence.schedule();
+  persistence$2.schedule();
   return true;
 }
 function flushPersist() {
-  return persistence.flush();
+  return persistence$2.flush();
 }
 const AUTOCOMPLETE_MAP = {
   "given-name": "firstName",
@@ -23738,12 +24376,12 @@ function matchField(el, profile) {
   if (inputType === "hidden" || inputType === "submit" || inputType === "button" || inputType === "file" || inputType === "image") return null;
   if (inputType === "password" || inputType === "checkbox" || inputType === "radio") return null;
   if (el.autocomplete) {
-    const key = el.autocomplete.replace(/section-\w+\s+/, "").replace(/^shipping\s+|^billing\s+/, "");
-    if (key === "name" || key === "additional-name") {
+    const key2 = el.autocomplete.replace(/section-\w+\s+/, "").replace(/^shipping\s+|^billing\s+/, "");
+    if (key2 === "name" || key2 === "additional-name") {
       const fullName = getFullName(profile);
       if (fullName) return mk(fullName, 100, "autocomplete", "fullName");
     }
-    const pk = AUTOCOMPLETE_MAP[key];
+    const pk = AUTOCOMPLETE_MAP[key2];
     if (pk && profile[pk]) return mk(profile[pk], 100, "autocomplete", pk);
   }
   if (INPUT_TYPE_MAP[inputType]) {
@@ -24231,6 +24869,64 @@ function installAdBlockingForSession(ses, tabManager) {
     callback(getAdBlockDecision(details));
   });
 }
+const filePath$1 = () => path$1.join(electron.app.getPath("userData"), "vessel-downloads.json");
+function parse(raw) {
+  if (!raw || typeof raw !== "object") return { items: [] };
+  const items = Array.isArray(raw.items) ? raw.items : [];
+  return { items };
+}
+let state = loadJsonFile({ filePath: filePath$1(), fallback: { items: [] }, parse });
+const persistence$1 = createDebouncedJsonPersistence({
+  debounceMs: 250,
+  filePath: filePath$1(),
+  getValue: () => state,
+  logLabel: "downloads"
+});
+let broadcaster$1 = null;
+function persist() {
+  state.items = state.items.slice(0, 200);
+  persistence$1.schedule();
+}
+function emit$1() {
+  broadcaster$1?.(Channels.DOWNLOADS_UPDATE, state.items);
+}
+function setDownloadBroadcaster(fn) {
+  broadcaster$1 = fn;
+}
+function listDownloads() {
+  return state.items;
+}
+function upsertDownload(input) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const existing = state.items.find((item) => item.savePath === input.savePath);
+  if (existing) {
+    Object.assign(existing, input, { updatedAt: now });
+    persist();
+    emit$1();
+    return existing;
+  }
+  const record = { id: crypto$2.randomUUID(), ...input, startedAt: now, updatedAt: now };
+  state.items = [record, ...state.items];
+  persist();
+  emit$1();
+  return record;
+}
+function clearDownloads() {
+  state.items = [];
+  persist();
+  emit$1();
+}
+async function openDownload(id) {
+  const item = state.items.find((d) => d.id === id);
+  if (!item || !fs$1.existsSync(item.savePath)) return false;
+  return await electron.shell.openPath(item.savePath) === "";
+}
+async function showDownloadInFolder(id) {
+  const item = state.items.find((d) => d.id === id);
+  if (!item || !fs$1.existsSync(item.savePath)) return false;
+  electron.shell.showItemInFolder(item.savePath);
+  return true;
+}
 const defaultDownloadViews = /* @__PURE__ */ new Set();
 let defaultDownloadHandlerInstalled = false;
 function resolveDownloadPath(downloadDir, filename) {
@@ -24277,17 +24973,20 @@ function installDownloadHandlerForSession(targetSession, chromeView) {
       receivedBytes: 0,
       state: "progressing"
     };
-    send(Channels.DOWNLOAD_STARTED, info);
+    const record = upsertDownload(info);
+    send(Channels.DOWNLOAD_STARTED, { ...info, id: record.id, startedAt: record.startedAt, updatedAt: record.updatedAt });
     item.on("updated", (_event2, state2) => {
       info.receivedBytes = item.getReceivedBytes();
       info.totalBytes = item.getTotalBytes();
       info.state = state2 === "progressing" ? "progressing" : "interrupted";
-      send(Channels.DOWNLOAD_PROGRESS, info);
+      const record2 = upsertDownload(info);
+      send(Channels.DOWNLOAD_PROGRESS, { ...info, id: record2.id, startedAt: record2.startedAt, updatedAt: record2.updatedAt });
     });
     item.once("done", (_event2, state2) => {
       info.receivedBytes = item.getReceivedBytes();
       info.state = state2 === "completed" ? "completed" : "cancelled";
-      send(Channels.DOWNLOAD_DONE, info);
+      const record2 = upsertDownload(info);
+      send(Channels.DOWNLOAD_DONE, { ...info, id: record2.id, startedAt: record2.startedAt, updatedAt: record2.updatedAt });
     });
   });
 }
@@ -24521,7 +25220,7 @@ function createFindInPageBridge(tabManager, chromeView) {
     }
   };
 }
-const logger$5 = createLogger("PrivateWindow");
+const logger$6 = createLogger("PrivateWindow");
 const privateWindows = /* @__PURE__ */ new Set();
 function layoutPrivateViews(state2) {
   const { window: win, chromeView, tabManager } = state2;
@@ -24744,7 +25443,7 @@ function createPrivateWindow() {
       privateSession.clearStorageData(),
       privateSession.clearCache()
     ]).catch((error) => {
-      logger$5.warn("Failed to clear private browsing session:", error);
+      logger$6.warn("Failed to clear private browsing session:", error);
     });
   });
   privateWindows.add(state2);
@@ -24754,7 +25453,7 @@ function createPrivateWindow() {
   });
   loadPrivateRenderer(chromeView);
   win.show();
-  logger$5.info("Private browsing window opened");
+  logger$6.info("Private browsing window opened");
   return state2;
 }
 const secondaryWindows = /* @__PURE__ */ new Set();
@@ -25001,35 +25700,35 @@ function registerBookmarkHandlers() {
   electron.ipcMain.handle(
     Channels.BOOKMARKS_EXPORT_HTML,
     async (_, options) => {
-      const { canceled, filePath } = await electron.dialog.showSaveDialog({
+      const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
         title: "Export Bookmarks",
         defaultPath: "vessel-bookmarks.html",
         filters: [{ name: "HTML Bookmarks", extensions: ["html"] }]
       });
-      if (canceled || !filePath) return null;
+      if (canceled || !filePath2) return null;
       const content = exportBookmarksHtml({
         includeNotes: options?.includeNotes ?? false
       });
-      await fs.promises.writeFile(filePath, content, "utf-8");
+      await fs.promises.writeFile(filePath2, content, "utf-8");
       trackBookmarkAction("export");
       return {
-        filePath,
+        filePath: filePath2,
         count: getState().bookmarks.length
       };
     }
   );
   electron.ipcMain.handle(Channels.BOOKMARKS_EXPORT_JSON, async () => {
-    const { canceled, filePath } = await electron.dialog.showSaveDialog({
+    const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
       title: "Export Vessel Bookmark Archive",
       defaultPath: "vessel-bookmarks.json",
       filters: [{ name: "Vessel Bookmark Archive", extensions: ["json"] }]
     });
-    if (canceled || !filePath) return null;
+    if (canceled || !filePath2) return null;
     const content = exportBookmarksJson();
-    await fs.promises.writeFile(filePath, content, "utf-8");
+    await fs.promises.writeFile(filePath2, content, "utf-8");
     trackBookmarkAction("export");
     return {
-      filePath,
+      filePath: filePath2,
       count: getState().bookmarks.length
     };
   });
@@ -25038,20 +25737,20 @@ function registerBookmarkHandlers() {
     async (_, folderId, options) => {
       const folder = getFolder(folderId);
       if (!folder) return null;
-      const { canceled, filePath } = await electron.dialog.showSaveDialog({
+      const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
         title: `Export ${folder.name}`,
         defaultPath: `vessel-bookmarks-${getSafeBookmarkExportName(folder.name)}.html`,
         filters: [{ name: "HTML Bookmarks", extensions: ["html"] }]
       });
-      if (canceled || !filePath) return null;
+      if (canceled || !filePath2) return null;
       const result = exportBookmarkFolderHtml(folderId, {
         includeNotes: options?.includeNotes ?? true
       });
       if (!result) return null;
-      await fs.promises.writeFile(filePath, result.content, "utf-8");
+      await fs.promises.writeFile(filePath2, result.content, "utf-8");
       trackBookmarkAction("export");
       return {
-        filePath,
+        filePath: filePath2,
         count: result.count
       };
     }
@@ -25104,26 +25803,26 @@ function registerHistoryHandlers() {
     clearAll$1();
   });
   electron.ipcMain.handle(Channels.HISTORY_EXPORT_HTML, async () => {
-    const { canceled, filePath } = await electron.dialog.showSaveDialog({
+    const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
       title: "Export History",
       defaultPath: "vessel-history.html",
       filters: [{ name: "HTML", extensions: ["html"] }]
     });
-    if (canceled || !filePath) return null;
+    if (canceled || !filePath2) return null;
     const content = exportHistoryHtml();
-    await fs.promises.writeFile(filePath, content, "utf-8");
-    return { filePath, count: getState$1().entries.length };
+    await fs.promises.writeFile(filePath2, content, "utf-8");
+    return { filePath: filePath2, count: getState$1().entries.length };
   });
   electron.ipcMain.handle(Channels.HISTORY_EXPORT_JSON, async () => {
-    const { canceled, filePath } = await electron.dialog.showSaveDialog({
+    const { canceled, filePath: filePath2 } = await electron.dialog.showSaveDialog({
       title: "Export History",
       defaultPath: "vessel-history.json",
       filters: [{ name: "JSON", extensions: ["json"] }]
     });
-    if (canceled || !filePath) return null;
+    if (canceled || !filePath2) return null;
     const content = exportHistoryJson();
-    await fs.promises.writeFile(filePath, content, "utf-8");
-    return { filePath, count: getState$1().entries.length };
+    await fs.promises.writeFile(filePath2, content, "utf-8");
+    return { filePath: filePath2, count: getState$1().entries.length };
   });
   electron.ipcMain.handle(Channels.HISTORY_IMPORT, async () => {
     const { canceled, filePaths } = await electron.dialog.showOpenDialog({
@@ -25134,9 +25833,9 @@ function registerHistoryHandlers() {
       properties: ["openFile"]
     });
     if (canceled || filePaths.length === 0) return null;
-    const filePath = filePaths[0];
-    const content = await fs.promises.readFile(filePath, "utf-8");
-    const result = filePath.endsWith(".json") ? importHistoryFromJson(content) : importHistoryFromHtml(content);
+    const filePath2 = filePaths[0];
+    const content = await fs.promises.readFile(filePath2, "utf-8");
+    const result = filePath2.endsWith(".json") ? importHistoryFromJson(content) : importHistoryFromHtml(content);
     return result;
   });
 }
@@ -25368,6 +26067,161 @@ function registerSecurityHandlers(tabManager) {
     tabManager.goBackToSafety(tabId);
   });
 }
+const logger$5 = createLogger("CodexIPC");
+function registerCodexHandlers() {
+  electron.ipcMain.handle(Channels.CODEX_START_AUTH, async (event) => {
+    const wc = event.sender;
+    if (!wc || wc.isDestroyed()) {
+      return {
+        ok: false,
+        error: "No active window found for sender"
+      };
+    }
+    const sendStatus = (status, error) => {
+      try {
+        wc.send(Channels.CODEX_AUTH_STATUS, { status, error: error || null });
+      } catch {
+        logger$5.warn("Codex auth status send failed — window may be closed");
+      }
+    };
+    try {
+      const tokens = await startCodexOAuth(sendStatus);
+      writeStoredCodexTokens(tokens);
+      return {
+        ok: true,
+        accountEmail: tokens.accountEmail || tokens.accountId,
+        accountId: tokens.accountId
+      };
+    } catch (err) {
+      logger$5.error("Codex auth failed:", err);
+      return {
+        ok: false,
+        error: err instanceof Error ? err.message : "Unknown error"
+      };
+    }
+  });
+  electron.ipcMain.handle(Channels.CODEX_CANCEL_AUTH, () => {
+    cancelCodexOAuth();
+    return { ok: true };
+  });
+  electron.ipcMain.handle(Channels.CODEX_DISCONNECT, () => {
+    clearStoredCodexTokens();
+    return { ok: true };
+  });
+}
+const filePath = () => path$1.join(electron.app.getPath("userData"), "vessel-permissions.json");
+let records = loadJsonFile({
+  filePath: filePath(),
+  fallback: [],
+  parse: (raw) => Array.isArray(raw) ? raw : []
+});
+const persistence = createDebouncedJsonPersistence({ debounceMs: 250, filePath: filePath(), getValue: () => records, logLabel: "permissions" });
+let broadcaster = null;
+function key(origin, permission) {
+  return `${origin}
+${permission}`;
+}
+function emit() {
+  broadcaster?.(Channels.PERMISSIONS_GET, records);
+}
+function save(origin, permission, decision) {
+  const k = key(origin, permission);
+  const existing = records.find((r) => key(r.origin, r.permission) === k);
+  const updatedAt = (/* @__PURE__ */ new Date()).toISOString();
+  if (existing) Object.assign(existing, { decision, updatedAt });
+  else records.unshift({ origin, permission, decision, updatedAt });
+  persistence.schedule();
+  emit();
+}
+function listPermissions() {
+  return records;
+}
+function clearPermissions() {
+  records = [];
+  persistence.schedule();
+  emit();
+}
+function clearPermissionsForOrigin(origin) {
+  records = records.filter((record) => record.origin !== origin);
+  persistence.schedule();
+  emit();
+}
+function setPermissionBroadcaster(fn) {
+  broadcaster = fn;
+}
+function installPermissionHandler() {
+  electron.session.defaultSession.setPermissionRequestHandler((webContents, permission, callback, details) => {
+    const origin = new URL(details.requestingUrl || webContents.getURL()).origin;
+    const existing = records.find((r) => r.origin === origin && r.permission === permission);
+    if (existing) {
+      callback(existing.decision === "allow");
+      return;
+    }
+    const result = electron.dialog.showMessageBoxSync({
+      type: "question",
+      buttons: ["Deny", "Allow"],
+      defaultId: 0,
+      cancelId: 0,
+      title: "Site permission request",
+      message: `${origin} wants to use ${permission}`,
+      detail: "Vessel will remember your choice. You can clear saved permissions in Settings > Privacy."
+    });
+    const decision = result === 1 ? "allow" : "deny";
+    save(origin, permission, decision);
+    callback(decision === "allow");
+  });
+}
+const NPM_PACKAGE_URL = "https://registry.npmjs.org/@quanta-intellect%2Fvessel-browser/latest";
+const RELEASES_URL = "https://github.com/unmodeled-tyler/quanta-vessel-browser/releases/latest";
+function normalizeVersion(version) {
+  return version.replace(/^v/i, "").split(/[.-]/).slice(0, 3).map((part) => {
+    const n = Number.parseInt(part, 10);
+    return Number.isFinite(n) ? n : 0;
+  });
+}
+function compareVersions(a, b) {
+  const av = normalizeVersion(a);
+  const bv = normalizeVersion(b);
+  for (let i = 0; i < 3; i += 1) {
+    if ((av[i] ?? 0) > (bv[i] ?? 0)) return 1;
+    if ((av[i] ?? 0) < (bv[i] ?? 0)) return -1;
+  }
+  return 0;
+}
+async function checkForUpdates() {
+  const currentVersion = electron.app.getVersion();
+  const checkedAt = (/* @__PURE__ */ new Date()).toISOString();
+  try {
+    const response = await fetch(NPM_PACKAGE_URL, {
+      headers: { accept: "application/json", "user-agent": `Vessel/${currentVersion}` }
+    });
+    if (!response.ok) {
+      throw new Error(`Registry responded with ${response.status}`);
+    }
+    const body = await response.json();
+    const latestVersion = typeof body.version === "string" ? body.version : null;
+    if (!latestVersion) throw new Error("Registry response did not include a version");
+    return {
+      currentVersion,
+      latestVersion,
+      updateAvailable: compareVersions(latestVersion, currentVersion) > 0,
+      checkedAt,
+      releaseUrl: RELEASES_URL
+    };
+  } catch (error) {
+    return {
+      currentVersion,
+      latestVersion: null,
+      updateAvailable: false,
+      checkedAt,
+      releaseUrl: RELEASES_URL,
+      error: error instanceof Error ? error.message : "Update check failed"
+    };
+  }
+}
+async function openUpdateDownload() {
+  await electron.shell.openExternal(RELEASES_URL);
+}
 let activeChatProvider = null;
 const logger$4 = createLogger("IPC");
 const VALID_APPROVAL_MODES = ["auto", "confirm-dangerous", "manual"];
@@ -25765,18 +26619,18 @@ function registerIpcHandlers(windowState, runtime2) {
     return getRendererSettings();
   });
   electron.ipcMain.handle(Channels.SETTINGS_HEALTH_GET, () => getRuntimeHealth());
-  electron.ipcMain.handle(Channels.SETTINGS_SET, async (_, key, value) => {
-    assertString(key, "key");
-    if (!SETTABLE_KEYS.has(key)) {
-      throw new Error(`Unknown setting key: ${key}`);
+  electron.ipcMain.handle(Channels.SETTINGS_SET, async (_, key2, value) => {
+    assertString(key2, "key");
+    if (!SETTABLE_KEYS.has(key2)) {
+      throw new Error(`Unknown setting key: ${key2}`);
     }
-    const settingsKey = key;
+    const settingsKey = key2;
     const updatedSettings = setSetting(settingsKey, value);
-    trackSettingChanged(key);
-    if (key === "approvalMode") {
+    trackSettingChanged(key2);
+    if (key2 === "approvalMode") {
       runtime2.setApprovalMode(value);
     }
-    if (key === "mcpPort") {
+    if (key2 === "mcpPort") {
       await stopMcpServer();
       await startMcpServer(tabManager, runtime2, updatedSettings.mcpPort);
     }
@@ -25941,6 +26795,7 @@ function registerIpcHandlers(windowState, runtime2) {
   registerVaultHandlers();
   registerHumanVaultHandlers();
   registerWindowControlHandlers(mainWindow);
+  registerCodexHandlers();
   electron.ipcMain.handle(Channels.AUTOMATION_GET_INSTALLED, () => {
     return getInstalledKits();
   });
@@ -25969,6 +26824,26 @@ function registerIpcHandlers(windowState, runtime2) {
       clearByTimeRange(timeRange);
     }
   });
+  setDownloadBroadcaster(sendToRendererViews);
+  setPermissionBroadcaster(sendToRendererViews);
+  electron.ipcMain.handle(Channels.DOWNLOADS_GET, () => listDownloads());
+  electron.ipcMain.handle(Channels.DOWNLOADS_CLEAR, () => {
+    clearDownloads();
+    return true;
+  });
+  electron.ipcMain.handle(Channels.DOWNLOADS_OPEN, (_event, id) => openDownload(id));
+  electron.ipcMain.handle(Channels.DOWNLOADS_SHOW_IN_FOLDER, (_event, id) => showDownloadInFolder(id));
+  electron.ipcMain.handle(Channels.PERMISSIONS_GET, () => listPermissions());
+  electron.ipcMain.handle(Channels.PERMISSIONS_CLEAR, () => {
+    clearPermissions();
+    return true;
+  });
+  electron.ipcMain.handle(Channels.PERMISSIONS_CLEAR_ORIGIN, (_event, origin) => {
+    clearPermissionsForOrigin(origin);
+    return true;
+  });
+  electron.ipcMain.handle(Channels.UPDATES_CHECK, () => checkForUpdates());
+  electron.ipcMain.handle(Channels.UPDATES_OPEN_DOWNLOAD, () => openUpdateDownload());
   electron.ipcMain.handle(Channels.TAB_TOGGLE_PIP, async () => {
     return togglePictureInPicture(tabManager);
   });
@@ -26364,9 +27239,9 @@ function clone(value) {
 function summarizeArgs(args) {
   const entries = Object.entries(args).filter(([, value]) => value != null);
   if (entries.length === 0) return "No arguments";
-  return entries.map(([key, value]) => {
+  return entries.map(([key2, value]) => {
     const rendered = typeof value === "string" ? value : JSON.stringify(value);
-    return `${key}=${String(rendered).slice(0, 120)}`;
+    return `${key2}=${String(rendered).slice(0, 120)}`;
   }).join(", ");
 }
 function summarizeText(value) {
@@ -27392,6 +28267,7 @@ async function bootstrap() {
     sidebarView.webContents.send(Channels.HISTORY_UPDATE, state2);
   });
   installDownloadHandler(chromeView);
+  installPermissionHandler();
   startBackgroundRevalidation();
   startTelemetry();
   const initializeChromeRenderer = () => {