npm - @rubytech/create-realagent - Versions diffs - 1.0.825 → 1.0.828 - Mend

@rubytech/create-realagent 1.0.825 → 1.0.828

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (102) hide show

package/payload/server/server.js CHANGED Viewed

@@ -95,8 +95,9 @@ import {
   appendCloudflareSteps,
   completeCloudflareTask,
   openCloudflareTask,
-  readTunnelState
-} from "./chunk-TDTQEKNP.js";
+  readTunnelState,
+  resolveUnitGoneVerdict
+} from "./chunk-T2OPNP3L.js";
 import {
   GREETING_DIRECTIVE,
   HAIKU_MODEL,
@@ -627,8 +628,8 @@ var serveStatic = (options = { root: "" }) => {
 };
 // server/index.ts
-import { readFileSync as readFileSync15, existsSync as existsSync21, watchFile } from "fs";
-import { resolve as resolve21, join as join9, basename as basename5 } from "path";
+import { readFileSync as readFileSync16, existsSync as existsSync22, watchFile } from "fs";
+import { resolve as resolve22, join as join10, basename as basename5 } from "path";
 import { homedir as homedir2 } from "os";
 // app/lib/agent-slug-pattern.ts
@@ -1272,7 +1273,7 @@ var credsSaveQueue = Promise.resolve();
 async function drainCredsSaveQueue(timeoutMs = 5e3) {
   console.error(`${TAG3} draining credential save queue\u2026`);
   const timer2 = new Promise(
-    (resolve22) => setTimeout(() => resolve22("timeout"), timeoutMs)
+    (resolve23) => setTimeout(() => resolve23("timeout"), timeoutMs)
   );
   const result = await Promise.race([
     credsSaveQueue.then(() => "drained"),
@@ -1400,11 +1401,11 @@ async function createWaSocket(opts) {
   return sock;
 }
 async function waitForConnection(sock) {
-  return new Promise((resolve22, reject) => {
+  return new Promise((resolve23, reject) => {
     const handler = (update) => {
       if (update.connection === "open") {
         sock.ev.off("connection.update", handler);
-        resolve22();
+        resolve23();
       }
       if (update.connection === "close") {
         sock.ev.off("connection.update", handler);
@@ -1518,14 +1519,14 @@ ${inspected}`;
   return inspect2(err, INSPECT_OPTS2);
 }
 function withTimeout(label, promise, timeoutMs) {
-  return new Promise((resolve22, reject) => {
+  return new Promise((resolve23, reject) => {
     const timer2 = setTimeout(() => {
       reject(new Error(`${label} timed out after ${timeoutMs}ms`));
     }, timeoutMs);
     promise.then(
       (value) => {
         clearTimeout(timer2);
-        resolve22(value);
+        resolve23(value);
       },
       (err) => {
         clearTimeout(timer2);
@@ -2060,8 +2061,8 @@ async function persistWhatsAppMessage(input) {
   const { givenName, familyName } = splitName(input.pushName);
   const prev = sessionWriteLocks.get(input.sessionKey);
   let release;
-  const mine = new Promise((resolve22) => {
-    release = resolve22;
+  const mine = new Promise((resolve23) => {
+    release = resolve23;
   });
   const chained = (prev ?? Promise.resolve()).then(() => mine);
   sessionWriteLocks.set(input.sessionKey, chained);
@@ -3068,11 +3069,11 @@ async function connectWithReconnect(conn) {
       console.error(
         `${TAG13} reconnecting account=${conn.accountId} in ${delay}ms (attempt ${decision.nextAttempts}/${maxAttempts})`
       );
-      await new Promise((resolve22) => {
-        const timer2 = setTimeout(resolve22, delay);
+      await new Promise((resolve23) => {
+        const timer2 = setTimeout(resolve23, delay);
         conn.abortController.signal.addEventListener("abort", () => {
           clearTimeout(timer2);
-          resolve22();
+          resolve23();
         }, { once: true });
       });
     }
@@ -3080,16 +3081,16 @@ async function connectWithReconnect(conn) {
   }
 }
 function waitForDisconnectEvent(conn) {
-  return new Promise((resolve22) => {
+  return new Promise((resolve23) => {
     if (!conn.sock) {
-      resolve22();
+      resolve23();
       return;
     }
     const sock = conn.sock;
     const handler = (update) => {
       if (update.connection === "close") {
         sock.ev.off("connection.update", handler);
-        resolve22();
+        resolve23();
       }
     };
     sock.ev.on("connection.update", handler);
@@ -3350,8 +3351,8 @@ async function handleInboundMessage(conn, msg) {
     const conversationKey = isGroup ? remoteJid : senderPhone;
     const debounceKey = `${conn.accountId}:${conversationKey}:${senderPhone}`;
     let resolvePending;
-    const sttPending = new Promise((resolve22) => {
-      resolvePending = resolve22;
+    const sttPending = new Promise((resolve23) => {
+      resolvePending = resolve23;
     });
     if (conn.debouncer) conn.debouncer.registerPending(debounceKey, sttPending);
     try {
@@ -3472,20 +3473,20 @@ async function probeApiKey() {
   return result.status;
 }
 function checkPort(port2, timeoutMs = 500) {
-  return new Promise((resolve22) => {
+  return new Promise((resolve23) => {
     const socket = createConnection(port2, "127.0.0.1");
     socket.setTimeout(timeoutMs);
     socket.once("connect", () => {
       socket.destroy();
-      resolve22(true);
+      resolve23(true);
     });
     socket.once("error", () => {
       socket.destroy();
-      resolve22(false);
+      resolve23(false);
     });
     socket.once("timeout", () => {
       socket.destroy();
-      resolve22(false);
+      resolve23(false);
     });
   });
 }
@@ -5686,8 +5687,8 @@ async function startLogin(opts) {
   resetActiveLogin(accountId);
   let resolveQr = null;
   let rejectQr = null;
-  const qrPromise = new Promise((resolve22, reject) => {
-    resolveQr = resolve22;
+  const qrPromise = new Promise((resolve23, reject) => {
+    resolveQr = resolve23;
     rejectQr = reject;
   });
   const qrTimer = setTimeout(
@@ -8039,6 +8040,17 @@ var agents_default = app16;
 import crypto2 from "crypto";
 import { resolve as resolvePath } from "path";
 import { appendFileSync as appendFileSync4, existsSync as existsSync15 } from "fs";
+// app/lib/synthetic-marker.ts
+var CLOUDFLARE_MARKER_PREFIX = "Cloudflare setup completed (actionId: ";
+var COMPONENT_DONE_PREFIX = '{"_componentDone"';
+var LIFECYCLE_PREFIX = '{"_lifecycle"';
+function isSyntheticUserMarker(content) {
+  if (typeof content !== "string" || content.length === 0) return false;
+  return content.startsWith(COMPONENT_DONE_PREFIX) || content.startsWith(LIFECYCLE_PREFIX) || content.startsWith(CLOUDFLARE_MARKER_PREFIX);
+}
+// server/routes/admin/sessions.ts
 function validateAndShapeAttachments(raws, conversationAccountId, conversationId, messageId, streamLogPath) {
   const chips = [];
   let valid = 0;
@@ -8310,6 +8322,7 @@ app17.post("/:id/resume", async (c) => {
   let totalComponents = 0;
   let totalAttachments = 0;
   let totalAttachmentInvalid = 0;
+  let syntheticHidden = 0;
   const rehydrated = messages.map((m) => {
     const components = m.components ?? [];
     const rawAttachments = m.attachments ?? [];
@@ -8318,6 +8331,7 @@ app17.post("/:id/resume", async (c) => {
       totalAttachments += valid2;
       totalAttachmentInvalid += invalid2;
       const cleanedContent = chips.length > 0 ? stripAttachmentMetaSuffix(m.content) : m.content;
+      if (m.role === "user" && isSyntheticUserMarker(cleanedContent)) syntheticHidden += 1;
       return {
         messageId: m.messageId,
         role: m.role,
@@ -8344,7 +8358,7 @@ app17.post("/:id/resume", async (c) => {
   const userMessageCount = rehydrated.filter((m) => m.role !== "assistant").length;
   const reason = bridged ? "post-restart" : "page-refresh";
   try {
-    appendFileSync4(streamLogPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] [admin-resume] reason=${reason} sessionKey=${sessionKey.slice(0, 8)} conversationId=${conversationId.slice(0, 8)} ${tag} loadedMessages=${messages.length} componentCount=${totalComponents} userAttachmentCount=${totalAttachments}
+    appendFileSync4(streamLogPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] [admin-resume] reason=${reason} sessionKey=${sessionKey.slice(0, 8)} conversationId=${conversationId.slice(0, 8)} ${tag} loadedMessages=${messages.length} componentCount=${totalComponents} userAttachmentCount=${totalAttachments} syntheticHidden=${syntheticHidden}
 `);
     if (totalComponents > 0) {
       appendFileSync4(streamLogPath, `[${(/* @__PURE__ */ new Date()).toISOString()}] [component-rehydrate] conversationId=${conversationId.slice(0, 8)} count=${totalComponents} valid=${totalValid} invalid=${totalInvalid} textRuns=${textRuns}
@@ -8357,7 +8371,7 @@ app17.post("/:id/resume", async (c) => {
   } catch {
   }
   const age = formatAge(updatedAt);
-  console.log(`[admin-resume] ${(/* @__PURE__ */ new Date()).toISOString()} reason=${reason} conversationId=${conversationId.slice(0, 8)}\u2026 age=${age} loaded=${messages.length} messages ${tag} components=${totalComponents} attachments=${totalAttachments} sessionKey=${sessionKey.slice(0, 8)}\u2026`);
+  console.log(`[admin-resume] ${(/* @__PURE__ */ new Date()).toISOString()} reason=${reason} conversationId=${conversationId.slice(0, 8)}\u2026 age=${age} loaded=${messages.length} messages ${tag} components=${totalComponents} attachments=${totalAttachments} syntheticHidden=${syntheticHidden} sessionKey=${sessionKey.slice(0, 8)}\u2026`);
   return c.json({ conversationId, messages: rehydrated });
 });
 app17.post("/:id/label", requireAdminSession, async (c) => {
@@ -8654,6 +8668,11 @@ function addAliasDomain(hostname2) {
   writeFileSync6(ALIAS_DOMAINS_PATH, JSON.stringify([...existing], null, 2) + "\n", "utf-8");
 }
+// app/lib/cloudflare-setup-types.ts
+var CLOUDFLARE_SETUP_FORM_SCHEMA = {
+  secretFields: ["password", "session_key", "messageId"]
+};
 // server/routes/admin/cloudflare.ts
 var SETUP_TIMEOUT_MS = 10 * 60 * 1e3;
 var DOMAINS_TIMEOUT_MS = 40 * 1e3;
@@ -8875,8 +8894,8 @@ app21.get("/tunnels", requireAdminSession, async (c) => {
   if (!correlationId) return err("session", "No active conversation for session \u2014 refresh chat.");
   streamLogPath = streamLogPathFor(accountId, correlationId).streamLogPath;
   const certPath = resolve14(homedir(), brand.configDir, "cloudflared", "cert.pem");
-  const { existsSync: existsSync22 } = await import("fs");
-  if (!existsSync22(certPath)) {
+  const { existsSync: existsSync23 } = await import("fs");
+  if (!existsSync23(certPath)) {
     return err("cert", `Cloudflare origin certificate is not on disk yet (${certPath}). Complete the Cloudflare login first by submitting the form once \u2014 the OAuth flow writes cert.pem.`);
   }
   const result = await runFormSpawn({
@@ -9012,19 +9031,20 @@ app21.post("/setup", requireAdminSession, async (c) => {
   if (await isActionActive("cloudflare-setup")) {
     return err("request", "Another Cloudflare setup is already running. Wait for it to finish before starting a new one.");
   }
+  const taskInputs = {};
+  for (const [key, value] of Object.entries(body)) {
+    if (value !== void 0 && value !== null && value !== "") {
+      taskInputs[key] = value;
+    }
+  }
   let cloudflareTask;
   try {
     cloudflareTask = await openCloudflareTask({
       accountId,
       conversationKey: sessionKey,
-      inputsProvided: ["adminLabel", "adminDomain", publicFqdn ? "publicLabel" : null, apex ? "apex" : null, "password"].filter((s) => typeof s === "string"),
-      inputs: {
-        adminLabel: body.adminLabel,
-        adminDomain: body.adminDomain,
-        publicLabel: body.publicLabel,
-        publicDomain: body.publicDomain,
-        apex: body.apex
-      },
+      inputsProvided: Object.keys(taskInputs),
+      inputs: taskInputs,
+      inputSchema: CLOUDFLARE_SETUP_FORM_SCHEMA,
       messageId: typeof body.messageId === "string" && body.messageId.length > 0 ? body.messageId : void 0
     });
     log(`phase=task-opened taskId=${cloudflareTask.taskId}`);
@@ -9055,38 +9075,63 @@ app21.post("/setup", requireAdminSession, async (c) => {
     } catch (e) {
       logErr(`phase=task-steps-append-failed reason="${e instanceof Error ? e.message : String(e)}"`);
     }
-    if (!status || status.execMainStatus !== 0) {
-      logErr(`phase=post-exit-skipped reason=${status ? `exit=${status.execMainStatus}` : "unit-gone"} id=${actionId}`);
+    let unitGoneWithDiskProof = false;
+    if (status === null) {
+      const verdict = resolveUnitGoneVerdict({
+        tunnelState: readTunnelState(brand.configDir),
+        expected: { tunnelName: body.tunnelName, tunnelId: body.tunnelId }
+      });
+      const resolution = verdict.kind === "close-completed" ? "close-completed" : "close-failed-diagnostic";
+      log(`phase=post-exit-disk-check tunnel-state-found=${verdict.tunnelStateFound} identity-match=${verdict.identityMatch} resolution=${resolution}`);
+      if (verdict.kind === "close-failed") {
+        try {
+          await completeCloudflareTask({
+            taskId: cloudflareTask.taskId,
+            taskElementId: cloudflareTask.taskElementId,
+            accountId,
+            conversationKey: sessionKey,
+            status: "failed",
+            errorMessage: CLOUDFLARE_TASK_DIAGNOSTICS.endpointDiedPreReconcile
+          });
+        } catch (e) {
+          logErr(`phase=task-close-failed status=failed reason="${e instanceof Error ? e.message : String(e)}"`);
+        }
+        return;
+      }
+      unitGoneWithDiskProof = true;
+    } else if (status.execMainStatus !== 0) {
+      logErr(`phase=post-exit-skipped reason=exit=${status.execMainStatus} id=${actionId}`);
       try {
-        const diagnostic = status ? `${CLOUDFLARE_TASK_DIAGNOSTICS.scriptExitedNonzero} exit=${status.execMainStatus}` : CLOUDFLARE_TASK_DIAGNOSTICS.endpointDiedPreReconcile;
         await completeCloudflareTask({
           taskId: cloudflareTask.taskId,
           taskElementId: cloudflareTask.taskElementId,
           accountId,
           conversationKey: sessionKey,
           status: "failed",
-          errorMessage: diagnostic
+          errorMessage: `${CLOUDFLARE_TASK_DIAGNOSTICS.scriptExitedNonzero} exit=${status.execMainStatus}`
         });
       } catch (e) {
         logErr(`phase=task-close-failed status=failed reason="${e instanceof Error ? e.message : String(e)}"`);
       }
       return;
     }
-    const candidates = [publicFqdn, apex].filter((h) => typeof h === "string" && h.length > 0);
-    for (const host of candidates) {
-      if (host === adminFqdn) {
-        log(`phase=alias-domain-write host=${host} result=skipped-admin`);
-        continue;
-      }
-      if (host.startsWith("public.")) {
-        log(`phase=alias-domain-write host=${host} result=skipped-public-prefix`);
-        continue;
-      }
-      try {
-        addAliasDomain(host);
-        log(`phase=alias-domain-write host=${host} result=written`);
-      } catch (e) {
-        logErr(`phase=alias-domain-write host=${host} result=error reason="${e instanceof Error ? e.message : String(e)}"`);
+    if (!unitGoneWithDiskProof) {
+      const candidates = [publicFqdn, apex].filter((h) => typeof h === "string" && h.length > 0);
+      for (const host of candidates) {
+        if (host === adminFqdn) {
+          log(`phase=alias-domain-write host=${host} result=skipped-admin`);
+          continue;
+        }
+        if (host.startsWith("public.")) {
+          log(`phase=alias-domain-write host=${host} result=skipped-public-prefix`);
+          continue;
+        }
+        try {
+          addAliasDomain(host);
+          log(`phase=alias-domain-write host=${host} result=written`);
+        } catch (e) {
+          logErr(`phase=alias-domain-write host=${host} result=error reason="${e instanceof Error ? e.message : String(e)}"`);
+        }
       }
     }
     try {
@@ -10270,6 +10315,11 @@ var GRAPH_LABEL_COLOURS = {
   AccessGrant: "#66381F",
   // Knowledge — moss family (organic)
   KnowledgeDocument: "#6E8A5A",
+  // Task 891 — chunked WhatsApp/messaging archive parent. Sits in the
+  // knowledge moss family because it's structurally a document parent
+  // (HAS_SECTION → :Section:Conversation chunks); the conversational
+  // plum family is reserved for the live Conversation/Message labels.
+  ConversationArchive: "#82A06A",
   Section: "#8AA876",
   Chunk: "#A6C194",
   DigitalDocument: "#5A7548",
@@ -11736,37 +11786,106 @@ app33.get("/", requireAdminSession, async (c) => {
 });
 var sidebar_artefact_content_default = app33;
-// server/routes/admin/index.ts
+// server/routes/admin/health.ts
+import { existsSync as existsSync20, readFileSync as readFileSync14 } from "fs";
+import { resolve as resolve20, join as join9 } from "path";
+var PLATFORM_ROOT7 = process.env.MAXY_PLATFORM_ROOT ?? resolve20(process.cwd(), "..");
+var brandHostname = "maxy";
+var brandJsonPath = join9(PLATFORM_ROOT7, "config", "brand.json");
+if (existsSync20(brandJsonPath)) {
+  try {
+    const brand = JSON.parse(readFileSync14(brandJsonPath, "utf-8"));
+    if (brand.hostname) brandHostname = brand.hostname;
+  } catch {
+  }
+}
+var VERSION_FILE = resolve20(PLATFORM_ROOT7, `config/.${brandHostname}-version`);
+var PROCESS_STARTED_AT = (/* @__PURE__ */ new Date()).toISOString();
+var PROBE_TIMEOUT_MS = 1e3;
+function readVersion() {
+  if (!existsSync20(VERSION_FILE)) return "unknown";
+  return readFileSync14(VERSION_FILE, "utf-8").trim() || "unknown";
+}
+async function probeConversationDb() {
+  let session;
+  try {
+    session = getSession();
+  } catch (err) {
+    return { state: "error", reason: err instanceof Error ? err.message : String(err) };
+  }
+  let timer2;
+  try {
+    const probe = session.run("RETURN 1");
+    const timeout = new Promise((_, reject) => {
+      timer2 = setTimeout(() => reject(new Error("timeout")), PROBE_TIMEOUT_MS);
+    });
+    await Promise.race([probe, timeout]);
+    return { state: "ok" };
+  } catch (err) {
+    return { state: "error", reason: err instanceof Error ? err.message : String(err) };
+  } finally {
+    if (timer2) clearTimeout(timer2);
+    session.close().catch(() => {
+    });
+  }
+}
 var app34 = new Hono();
-app34.route("/session", session_default2);
-app34.route("/chat", chat_default2);
-app34.route("/compact", compact_default);
-app34.route("/logs", logs_default);
-app34.route("/claude-info", claude_info_default);
-app34.route("/attachment", attachment_default);
-app34.route("/agents", agents_default);
-app34.route("/sessions", sessions_default);
-app34.route("/browser", browser_default);
-app34.route("/device-browser", device_browser_default);
-app34.route("/events", events_default);
-app34.route("/cloudflare", cloudflare_default);
-app34.route("/files", files_default);
-app34.route("/graph-search", graph_search_default);
-app34.route("/graph-subgraph", graph_subgraph_default);
-app34.route("/graph-delete", graph_delete_default);
-app34.route("/graph-restore", graph_restore_default);
-app34.route("/graph-labels-in-graph", graph_labels_in_graph_default);
-app34.route("/graph-default-view", graph_default_view_default);
-app34.route("/file-attach", file_attach_default);
-app34.route("/adherence", adherence_default);
-app34.route("/sidebar-artefacts", sidebar_artefacts_default);
-app34.route("/sidebar-artefact-save", sidebar_artefact_save_default);
-app34.route("/sidebar-artefact-content", sidebar_artefact_content_default);
-var admin_default = app34;
+app34.get("/", async (c) => {
+  const version = readVersion();
+  const probe = await probeConversationDb();
+  const uptimeMs = Date.now() - new Date(PROCESS_STARTED_AT).getTime();
+  if (probe.state === "error") {
+    const reason = (probe.reason ?? "").replace(/\s+/g, " ").trim() || "unknown";
+    console.log(
+      `[admin/health-brand] processStartedAt=${PROCESS_STARTED_AT} uptimeMs=${uptimeMs} version=${version} conversationDb=error errorReason=${reason}`
+    );
+  } else {
+    console.log(
+      `[admin/health-brand] processStartedAt=${PROCESS_STARTED_AT} uptimeMs=${uptimeMs} version=${version} conversationDb=ok`
+    );
+  }
+  return c.json({
+    ok: true,
+    processStartedAt: PROCESS_STARTED_AT,
+    version,
+    conversationDb: probe.state,
+    uptimeMs
+  });
+});
+var health_default2 = app34;
+// server/routes/admin/index.ts
+var app35 = new Hono();
+app35.route("/session", session_default2);
+app35.route("/chat", chat_default2);
+app35.route("/compact", compact_default);
+app35.route("/logs", logs_default);
+app35.route("/claude-info", claude_info_default);
+app35.route("/attachment", attachment_default);
+app35.route("/agents", agents_default);
+app35.route("/sessions", sessions_default);
+app35.route("/browser", browser_default);
+app35.route("/device-browser", device_browser_default);
+app35.route("/events", events_default);
+app35.route("/cloudflare", cloudflare_default);
+app35.route("/files", files_default);
+app35.route("/graph-search", graph_search_default);
+app35.route("/graph-subgraph", graph_subgraph_default);
+app35.route("/graph-delete", graph_delete_default);
+app35.route("/graph-restore", graph_restore_default);
+app35.route("/graph-labels-in-graph", graph_labels_in_graph_default);
+app35.route("/graph-default-view", graph_default_view_default);
+app35.route("/file-attach", file_attach_default);
+app35.route("/adherence", adherence_default);
+app35.route("/sidebar-artefacts", sidebar_artefacts_default);
+app35.route("/sidebar-artefact-save", sidebar_artefact_save_default);
+app35.route("/sidebar-artefact-content", sidebar_artefact_content_default);
+app35.route("/health-brand", health_default2);
+var admin_default = app35;
 // server/routes/sites.ts
-import { existsSync as existsSync20, readFileSync as readFileSync14, realpathSync as realpathSync5, statSync as statSync5 } from "fs";
-import { resolve as resolve20 } from "path";
+import { existsSync as existsSync21, readFileSync as readFileSync15, realpathSync as realpathSync5, statSync as statSync5 } from "fs";
+import { resolve as resolve21 } from "path";
 var SAFE_SEG_RE = /^[a-z0-9_][a-z0-9_.-]{0,99}$/i;
 var MIME = {
   ".html": "text/html; charset=utf-8",
@@ -11797,8 +11916,8 @@ function getExt(p) {
   if (idx < p.lastIndexOf("/")) return "";
   return p.slice(idx).toLowerCase();
 }
-var app35 = new Hono();
-app35.get("/:rel{.*}", (c) => {
+var app36 = new Hono();
+app36.get("/:rel{.*}", (c) => {
   const reqPath = c.req.path;
   const rawRel = c.req.param("rel") ?? "";
   const trimmed = rawRel.replace(/^\/+/, "").replace(/\/+$/, "");
@@ -11824,28 +11943,28 @@ app35.get("/:rel{.*}", (c) => {
     }
     segments.push(seg);
   }
-  const rootDir = resolve20(account.accountDir, "sites");
-  let filePath = segments.length === 0 ? rootDir : resolve20(rootDir, ...segments);
+  const rootDir = resolve21(account.accountDir, "sites");
+  let filePath = segments.length === 0 ? rootDir : resolve21(rootDir, ...segments);
   if (filePath !== rootDir && !filePath.startsWith(rootDir + "/")) {
     console.error(`[sites] path-traversal-rejected path=${reqPath} reason=escape status=403`);
     return c.text("Forbidden", 403);
   }
   let stat7;
   try {
-    stat7 = existsSync20(filePath) ? statSync5(filePath) : null;
+    stat7 = existsSync21(filePath) ? statSync5(filePath) : null;
   } catch {
     stat7 = null;
   }
   if (stat7?.isDirectory()) {
-    filePath = resolve20(filePath, "index.html");
+    filePath = resolve21(filePath, "index.html");
   } else if (stat7 === null && isDirRequest) {
-    filePath = resolve20(filePath, "index.html");
+    filePath = resolve21(filePath, "index.html");
   }
   if (!filePath.startsWith(rootDir + "/")) {
     console.error(`[sites] path-traversal-rejected path=${reqPath} reason=escape status=403`);
     return c.text("Forbidden", 403);
   }
-  if (!existsSync20(filePath)) {
+  if (!existsSync21(filePath)) {
     console.error(`[sites] not-found path=${reqPath} status=404`);
     return c.text("Not found", 404);
   }
@@ -11864,7 +11983,7 @@ app35.get("/:rel{.*}", (c) => {
   }
   let body;
   try {
-    body = readFileSync14(realPath);
+    body = readFileSync15(realPath);
   } catch (err) {
     const code = err?.code;
     if (code === "EISDIR") {
@@ -11896,7 +12015,7 @@ app35.get("/:rel{.*}", (c) => {
     "X-Content-Type-Options": "nosniff"
   });
 });
-var sites_default = app35;
+var sites_default = app36;
 // app/lib/graph-health.ts
 var HOUR_MS = 60 * 60 * 1e3;
@@ -11995,15 +12114,15 @@ function clientFrom(c) {
     c.req.header("x-forwarded-for")
   );
 }
-var PLATFORM_ROOT7 = process.env.MAXY_PLATFORM_ROOT || "";
-var BRAND_JSON_PATH = PLATFORM_ROOT7 ? join9(PLATFORM_ROOT7, "config", "brand.json") : "";
+var PLATFORM_ROOT8 = process.env.MAXY_PLATFORM_ROOT || "";
+var BRAND_JSON_PATH = PLATFORM_ROOT8 ? join10(PLATFORM_ROOT8, "config", "brand.json") : "";
 var BRAND = { productName: "Maxy", hostname: "maxy", configDir: ".maxy", domain: "getmaxy.com" };
-if (BRAND_JSON_PATH && !existsSync21(BRAND_JSON_PATH)) {
+if (BRAND_JSON_PATH && !existsSync22(BRAND_JSON_PATH)) {
   console.error(`[brand] WARNING: brand.json not found at ${BRAND_JSON_PATH} \u2014 using Maxy defaults`);
 }
-if (BRAND_JSON_PATH && existsSync21(BRAND_JSON_PATH)) {
+if (BRAND_JSON_PATH && existsSync22(BRAND_JSON_PATH)) {
   try {
-    const parsed = JSON.parse(readFileSync15(BRAND_JSON_PATH, "utf-8"));
+    const parsed = JSON.parse(readFileSync16(BRAND_JSON_PATH, "utf-8"));
     BRAND = { ...BRAND, ...parsed };
   } catch (err) {
     console.error(`[brand] Failed to parse brand.json: ${err.message}`);
@@ -12022,11 +12141,11 @@ var brandLoginOpts = {
   bodyFont: BRAND.defaultFonts?.body,
   logoContainsName: !!BRAND.logoContainsName
 };
-var ALIAS_DOMAINS_PATH2 = join9(homedir2(), BRAND.configDir, "alias-domains.json");
+var ALIAS_DOMAINS_PATH2 = join10(homedir2(), BRAND.configDir, "alias-domains.json");
 function loadAliasDomains() {
   try {
-    if (!existsSync21(ALIAS_DOMAINS_PATH2)) return null;
-    const parsed = JSON.parse(readFileSync15(ALIAS_DOMAINS_PATH2, "utf-8"));
+    if (!existsSync22(ALIAS_DOMAINS_PATH2)) return null;
+    const parsed = JSON.parse(readFileSync16(ALIAS_DOMAINS_PATH2, "utf-8"));
     if (!Array.isArray(parsed)) {
       console.error("[alias-domains] malformed alias-domains.json \u2014 expected array");
       return null;
@@ -12050,9 +12169,9 @@ watchFile(ALIAS_DOMAINS_PATH2, { interval: 2e3 }, () => {
 function isPublicHost(host) {
   return host.startsWith("public.") || aliasDomains.has(host);
 }
-var app36 = new Hono();
-app36.use("*", clientIpMiddleware);
-app36.use("*", async (c, next) => {
+var app37 = new Hono();
+app37.use("*", clientIpMiddleware);
+app37.use("*", async (c, next) => {
   await next();
   c.header("X-Content-Type-Options", "nosniff");
   c.header("Referrer-Policy", "strict-origin-when-cross-origin");
@@ -12076,7 +12195,7 @@ var PUBLIC_ALLOWED_PREFIXES = [
   "/sites/"
 ];
 var PUBLIC_ALLOWED_EXACT = ["/favicon.ico"];
-app36.use("*", async (c, next) => {
+app37.use("*", async (c, next) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (!isPublicHost(host)) {
     await next();
@@ -12116,7 +12235,7 @@ function resolveRemoteAuthOpts() {
   return brandLoginOpts;
 }
 var MAX_LOGIN_BODY = 8 * 1024;
-app36.post("/__remote-auth/login", async (c) => {
+app37.post("/__remote-auth/login", async (c) => {
   const client = clientFrom(c);
   const clientIp = client.ip || "unknown";
   if (!requestIsTlsTerminated(c)) {
@@ -12160,7 +12279,7 @@ app36.post("/__remote-auth/login", async (c) => {
     }
   });
 });
-app36.get("/__remote-auth/logout", (c) => {
+app37.get("/__remote-auth/logout", (c) => {
   return new Response(null, {
     status: 302,
     headers: {
@@ -12170,7 +12289,7 @@ app36.get("/__remote-auth/logout", (c) => {
     }
   });
 });
-app36.post("/__remote-auth/change-password", async (c) => {
+app37.post("/__remote-auth/change-password", async (c) => {
   const client = clientFrom(c);
   const clientIp = client.ip || "unknown";
   const rateLimited = checkRateLimit(client);
@@ -12220,13 +12339,13 @@ app36.post("/__remote-auth/change-password", async (c) => {
     return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), mode: "change", changeError: "Failed to save password", redirect }), 200);
   }
 });
-app36.get("/__remote-auth/setup", (c) => {
+app37.get("/__remote-auth/setup", (c) => {
   if (isRemoteAuthConfigured()) {
     return c.redirect("/");
   }
   return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), mode: "setup" }), 200);
 });
-app36.post("/__remote-auth/set-initial-password", async (c) => {
+app37.post("/__remote-auth/set-initial-password", async (c) => {
   if (isRemoteAuthConfigured()) {
     return c.redirect("/");
   }
@@ -12262,10 +12381,10 @@ app36.post("/__remote-auth/set-initial-password", async (c) => {
     return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), mode: "setup", setupError: "Failed to save password. Please try again." }), 200);
   }
 });
-app36.get("/api/remote-auth/status", (c) => {
+app37.get("/api/remote-auth/status", (c) => {
   return c.json({ configured: isRemoteAuthConfigured() });
 });
-app36.post("/api/remote-auth/set-password", async (c) => {
+app37.post("/api/remote-auth/set-password", async (c) => {
   let body;
   try {
     body = await c.req.json();
@@ -12295,9 +12414,9 @@ app36.post("/api/remote-auth/set-password", async (c) => {
     return c.json({ error: "Failed to save password" }, 500);
   }
 });
-app36.route("/api/_client-error", client_error_default);
+app37.route("/api/_client-error", client_error_default);
 console.log("[client-error-route] mounted");
-app36.use("*", async (c, next) => {
+app37.use("*", async (c, next) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   const path2 = c.req.path;
   if (path2 === "/favicon.ico" || path2.startsWith("/assets/") || path2.startsWith("/brand/")) {
@@ -12330,15 +12449,15 @@ app36.use("*", async (c, next) => {
   console.error(`[remote-auth] login required ip=${clientIp} path=${path2} ${disambig}`);
   return c.html(renderLoginPage({ ...resolveRemoteAuthOpts(), redirect: path2 }), 200);
 });
-app36.route("/api/health", health_default);
-app36.route("/api/session", session_default);
-app36.route("/api/chat", chat_default);
-app36.route("/api/group", group_default);
-app36.route("/api/access", access_default);
-app36.route("/api/telegram", telegram_default);
-app36.route("/api/whatsapp", whatsapp_default);
-app36.route("/api/onboarding", onboarding_default);
-app36.route("/api/admin", admin_default);
+app37.route("/api/health", health_default);
+app37.route("/api/session", session_default);
+app37.route("/api/chat", chat_default);
+app37.route("/api/group", group_default);
+app37.route("/api/access", access_default);
+app37.route("/api/telegram", telegram_default);
+app37.route("/api/whatsapp", whatsapp_default);
+app37.route("/api/onboarding", onboarding_default);
+app37.route("/api/admin", admin_default);
 var SAFE_SLUG_RE = /^[a-z][a-z0-9-]{2,49}$/;
 var SAFE_FILENAME_RE = /^[a-z0-9_][a-z0-9_.-]{0,99}$/i;
 var IMAGE_MIME = {
@@ -12350,7 +12469,7 @@ var IMAGE_MIME = {
   ".svg": "image/svg+xml",
   ".ico": "image/x-icon"
 };
-app36.get("/agent-assets/:slug/:filename", (c) => {
+app37.get("/agent-assets/:slug/:filename", (c) => {
   const slug = c.req.param("slug");
   const filename = c.req.param("filename");
   if (!SAFE_SLUG_RE.test(slug)) {
@@ -12366,26 +12485,26 @@ app36.get("/agent-assets/:slug/:filename", (c) => {
     console.error(`[agent-assets] no-account slug=${slug} file=${filename}`);
     return c.text("Not found", 404);
   }
-  const filePath = resolve21(account.accountDir, "agents", slug, "assets", filename);
-  const expectedDir = resolve21(account.accountDir, "agents", slug, "assets");
+  const filePath = resolve22(account.accountDir, "agents", slug, "assets", filename);
+  const expectedDir = resolve22(account.accountDir, "agents", slug, "assets");
   if (!filePath.startsWith(expectedDir + "/")) {
     console.error(`[agent-assets] path-traversal-rejected slug=${slug} file=${filename}`);
     return c.text("Forbidden", 403);
   }
-  if (!existsSync21(filePath)) {
+  if (!existsSync22(filePath)) {
     console.error(`[agent-assets] serve slug=${slug} file=${filename} status=404`);
     return c.text("Not found", 404);
   }
   const ext = "." + filename.split(".").pop()?.toLowerCase();
   const contentType = IMAGE_MIME[ext] || "application/octet-stream";
   console.log(`[agent-assets] serve slug=${slug} file=${filename} status=200`);
-  const body = readFileSync15(filePath);
+  const body = readFileSync16(filePath);
   return c.body(body, 200, {
     "Content-Type": contentType,
     "Cache-Control": "public, max-age=3600"
   });
 });
-app36.get("/generated/:filename", (c) => {
+app37.get("/generated/:filename", (c) => {
   const filename = c.req.param("filename");
   if (!SAFE_FILENAME_RE.test(filename) || filename.includes("..")) {
     console.error(`[generated] serve file=${filename} status=403`);
@@ -12396,32 +12515,32 @@ app36.get("/generated/:filename", (c) => {
     console.error(`[generated] serve file=${filename} status=404`);
     return c.text("Not found", 404);
   }
-  const filePath = resolve21(account.accountDir, "generated", filename);
-  const expectedDir = resolve21(account.accountDir, "generated");
+  const filePath = resolve22(account.accountDir, "generated", filename);
+  const expectedDir = resolve22(account.accountDir, "generated");
   if (!filePath.startsWith(expectedDir + "/")) {
     console.error(`[generated] serve file=${filename} status=403`);
     return c.text("Forbidden", 403);
   }
-  if (!existsSync21(filePath)) {
+  if (!existsSync22(filePath)) {
     console.error(`[generated] serve file=${filename} status=404`);
     return c.text("Not found", 404);
   }
   const ext = "." + filename.split(".").pop()?.toLowerCase();
   const contentType = IMAGE_MIME[ext] || "application/octet-stream";
   console.log(`[generated] serve file=${filename} status=200`);
-  const body = readFileSync15(filePath);
+  const body = readFileSync16(filePath);
   return c.body(body, 200, {
     "Content-Type": contentType,
     "Cache-Control": "public, max-age=86400"
   });
 });
-app36.route("/sites", sites_default);
+app37.route("/sites", sites_default);
 var htmlCache = /* @__PURE__ */ new Map();
 var brandLogoPath = "/brand/maxy-monochrome.png";
 var brandIconPath = "/brand/maxy-monochrome.png";
-if (BRAND_JSON_PATH && existsSync21(BRAND_JSON_PATH)) {
+if (BRAND_JSON_PATH && existsSync22(BRAND_JSON_PATH)) {
   try {
-    const fullBrand = JSON.parse(readFileSync15(BRAND_JSON_PATH, "utf-8"));
+    const fullBrand = JSON.parse(readFileSync16(BRAND_JSON_PATH, "utf-8"));
     if (fullBrand.assets?.logo) brandLogoPath = `/brand/${fullBrand.assets.logo}`;
     brandIconPath = fullBrand.assets?.icon ? `/brand/${fullBrand.assets.icon}` : brandLogoPath;
   } catch {
@@ -12437,10 +12556,10 @@ var brandScript = `<script>window.__BRAND__=${JSON.stringify({
 })}</script>`;
 function readInstalledVersion() {
   try {
-    if (!PLATFORM_ROOT7) return "unknown";
-    const versionFile = join9(PLATFORM_ROOT7, "config", `.${BRAND.hostname}-version`);
-    if (!existsSync21(versionFile)) return "unknown";
-    const content = readFileSync15(versionFile, "utf-8").trim();
+    if (!PLATFORM_ROOT8) return "unknown";
+    const versionFile = join10(PLATFORM_ROOT8, "config", `.${BRAND.hostname}-version`);
+    if (!existsSync22(versionFile)) return "unknown";
+    const content = readFileSync16(versionFile, "utf-8").trim();
     return content || "unknown";
   } catch {
     return "unknown";
@@ -12481,7 +12600,7 @@ var clientErrorReporterScript = `<script>
 function cachedHtml(file) {
   let html = htmlCache.get(file);
   if (!html) {
-    html = readFileSync15(resolve21(process.cwd(), "public", file), "utf-8");
+    html = readFileSync16(resolve22(process.cwd(), "public", file), "utf-8");
     const productNameEsc = escapeHtml(BRAND.productName);
     html = html.replace(/<title>([^<]*)<\/title>/, (_match, inner) => `<title>${escapeHtml(inner).replace(/Maxy/g, productNameEsc)}</title>`);
     html = html.replace('href="/favicon.ico"', `href="${escapeHtml(brandFaviconPath)}"`);
@@ -12497,26 +12616,26 @@ ${clientErrorReporterScript}
 }
 var brandedHtmlCache = /* @__PURE__ */ new Map();
 function loadBrandingCache(agentSlug) {
-  const configDir2 = join9(homedir2(), BRAND.configDir);
+  const configDir2 = join10(homedir2(), BRAND.configDir);
   try {
-    const accountJsonPath = join9(configDir2, "account.json");
-    if (!existsSync21(accountJsonPath)) return null;
-    const account = JSON.parse(readFileSync15(accountJsonPath, "utf-8"));
+    const accountJsonPath = join10(configDir2, "account.json");
+    if (!existsSync22(accountJsonPath)) return null;
+    const account = JSON.parse(readFileSync16(accountJsonPath, "utf-8"));
     const accountId = account.accountId;
     if (!accountId) return null;
-    const cachePath = join9(configDir2, "branding-cache", accountId, `${agentSlug}.json`);
-    if (!existsSync21(cachePath)) return null;
-    return JSON.parse(readFileSync15(cachePath, "utf-8"));
+    const cachePath = join10(configDir2, "branding-cache", accountId, `${agentSlug}.json`);
+    if (!existsSync22(cachePath)) return null;
+    return JSON.parse(readFileSync16(cachePath, "utf-8"));
   } catch {
     return null;
   }
 }
 function resolveDefaultSlug() {
   try {
-    const configDir2 = join9(homedir2(), BRAND.configDir);
-    const accountJsonPath = join9(configDir2, "account.json");
-    if (!existsSync21(accountJsonPath)) return null;
-    const account = JSON.parse(readFileSync15(accountJsonPath, "utf-8"));
+    const configDir2 = join10(homedir2(), BRAND.configDir);
+    const accountJsonPath = join10(configDir2, "account.json");
+    if (!existsSync22(accountJsonPath)) return null;
+    const account = JSON.parse(readFileSync16(accountJsonPath, "utf-8"));
     return account.defaultAgent || null;
   } catch {
     return null;
@@ -12552,7 +12671,7 @@ function brandedPublicHtml(agentSlug) {
 function escapeHtml(s) {
   return s.replace(/&/g, "&amp;").replace(/"/g, "&quot;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
 }
-app36.get("/", (c) => {
+app37.get("/", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) {
     const defaultSlug = resolveDefaultSlug();
@@ -12560,12 +12679,12 @@ app36.get("/", (c) => {
   }
   return c.html(cachedHtml("index.html"));
 });
-app36.get("/public", (c) => {
+app37.get("/public", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("public.html"));
 });
-app36.get("/chat", (c) => {
+app37.get("/chat", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("public.html"));
@@ -12584,12 +12703,12 @@ async function logViewerFetch(c, next) {
     duration_ms: Date.now() - start
   });
 }
-app36.use("/vnc-viewer.html", logViewerFetch);
-app36.use("/vnc-popout.html", logViewerFetch);
-app36.get("/vnc-popout.html", (c) => {
+app37.use("/vnc-viewer.html", logViewerFetch);
+app37.use("/vnc-popout.html", logViewerFetch);
+app37.get("/vnc-popout.html", (c) => {
   let html = htmlCache.get("vnc-popout.html");
   if (!html) {
-    html = readFileSync15(resolve21(process.cwd(), "public", "vnc-popout.html"), "utf-8");
+    html = readFileSync16(resolve22(process.cwd(), "public", "vnc-popout.html"), "utf-8");
     const name = escapeHtml(BRAND.productName);
     html = html.replace("<title>Browser \u2014 Maxy</title>", `<title>${name}</title>`);
     html = html.replace("</head>", `  ${brandScript}
@@ -12599,7 +12718,7 @@ app36.get("/vnc-popout.html", (c) => {
   }
   return c.html(html);
 });
-app36.post("/api/vnc/client-event", async (c) => {
+app37.post("/api/vnc/client-event", async (c) => {
   let body;
   try {
     body = await c.req.json();
@@ -12620,20 +12739,20 @@ app36.post("/api/vnc/client-event", async (c) => {
   });
   return c.json({ ok: true });
 });
-app36.get("/g/:slug", (c) => {
+app37.get("/g/:slug", (c) => {
   return c.html(brandedPublicHtml());
 });
-app36.get("/graph", (c) => {
+app37.get("/graph", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("graph.html"));
 });
-app36.get("/data", (c) => {
+app37.get("/data", (c) => {
   const host = (c.req.header("host") ?? "").split(":")[0];
   if (isPublicHost(host)) return c.text("Not found", 404);
   return c.html(cachedHtml("data.html"));
 });
-app36.get("/:slug", async (c, next) => {
+app37.get("/:slug", async (c, next) => {
   const slug = c.req.param("slug");
   if (AGENT_SLUG_PATTERN.test(`/${slug}`)) {
     const branding = loadBrandingCache(slug);
@@ -12642,10 +12761,10 @@ app36.get("/:slug", async (c, next) => {
   }
   await next();
 });
-app36.use("/*", serveStatic({ root: "./public" }));
+app37.use("/*", serveStatic({ root: "./public" }));
 var port = parseInt(process.env.MAXY_UI_INTERNAL_PORT ?? process.env.PORT ?? "19199", 10);
 var hostname = process.env.HOSTNAME ?? "127.0.0.1";
-var httpServer = serve({ fetch: app36.fetch, port, hostname });
+var httpServer = serve({ fetch: app37.fetch, port, hostname });
 console.log(`${BRAND.productName} listening on http://${hostname}:${port}`);
 var SUBAPP_MANIFEST = [
   { prefix: "/api/health", file: "server/routes/health.ts", subapp: health_default },
@@ -12665,7 +12784,7 @@ for (const m of SUBAPP_MANIFEST) {
 }
 try {
   const registered = [];
-  for (const r of app36.routes ?? []) {
+  for (const r of app37.routes ?? []) {
     if (typeof r.path !== "string" || r.path.includes(":") || r.path.includes("*")) continue;
     if (AGENT_SLUG_PATTERN.test(r.path)) {
       registered.push({ method: (r.method ?? "ALL").toUpperCase(), path: r.path });
@@ -12679,8 +12798,8 @@ try {
 (async () => {
   try {
     let userId = "";
-    if (existsSync21(USERS_FILE)) {
-      const users = JSON.parse(readFileSync15(USERS_FILE, "utf-8").trim() || "[]");
+    if (existsSync22(USERS_FILE)) {
+      const users = JSON.parse(readFileSync16(USERS_FILE, "utf-8").trim() || "[]");
       userId = users[0]?.userId ?? "";
     }
     await backfillNullUserIdConversations(userId);
@@ -12713,7 +12832,7 @@ autoDeliverPremiumPlugins(bootEntitlement?.purchasedPlugins ?? void 0);
 (async () => {
   if (!bootAccount) return;
   try {
-    const { recoverRunningCloudflareTasks } = await import("./cloudflare-task-tracker-3WV7DZKQ.js");
+    const { recoverRunningCloudflareTasks } = await import("./cloudflare-task-tracker-CR6TL4VL.js");
     const result = await recoverRunningCloudflareTasks(
       bootAccount.accountId,
       configDirForWhatsApp,
@@ -12763,7 +12882,7 @@ if (bootAccountConfig?.whatsapp) {
 }
 init({
   configDir: configDirForWhatsApp,
-  platformRoot: resolve21(process.env.MAXY_PLATFORM_ROOT ?? join9(__dirname, "..")),
+  platformRoot: resolve22(process.env.MAXY_PLATFORM_ROOT ?? join10(__dirname, "..")),
   accountConfig: bootAccountConfig,
   onMessage: async (msg) => {
     try {