@serve.zone/dcrouter 11.10.3 → 11.10.7

package/ts/cache/documents/classes.cached.email.ts

@@ -35,55 +35,55 @@ export class CachedEmail extends CachedDocument<CachedEmail> {
    */
   @plugins.smartdata.unI()
   @plugins.smartdata.svDb()
-  public id: string;
+  public id!: string;
 
   /**
    * Email message ID (RFC 822 Message-ID header)
    */
   @plugins.smartdata.svDb()
-  public messageId: string;
+  public messageId!: string;
 
   /**
    * Sender email address (envelope from)
    */
   @plugins.smartdata.svDb()
-  public from: string;
+  public from!: string;
 
   /**
    * Recipient email addresses
    */
   @plugins.smartdata.svDb()
-  public to: string[];
+  public to!: string[];
 
   /**
    * CC recipients
    */
   @plugins.smartdata.svDb()
-  public cc: string[];
+  public cc!: string[];
 
   /**
    * BCC recipients
    */
   @plugins.smartdata.svDb()
-  public bcc: string[];
+  public bcc!: string[];
 
   /**
    * Email subject
    */
   @plugins.smartdata.svDb()
-  public subject: string;
+  public subject!: string;
 
   /**
    * Raw RFC822 email content
    */
   @plugins.smartdata.svDb()
-  public rawContent: string;
+  public rawContent!: string;
 
   /**
    * Current status of the email
    */
   @plugins.smartdata.svDb()
-  public status: TCachedEmailStatus;
+  public status!: TCachedEmailStatus;
 
   /**
    * Number of delivery attempts
@@ -101,25 +101,25 @@ export class CachedEmail extends CachedDocument<CachedEmail> {
    * Timestamp for next delivery attempt
    */
   @plugins.smartdata.svDb()
-  public nextAttempt: Date;
+  public nextAttempt!: Date;
 
   /**
    * Last error message if delivery failed
    */
   @plugins.smartdata.svDb()
-  public lastError: string;
+  public lastError!: string;
 
   /**
    * Timestamp when the email was successfully delivered
    */
   @plugins.smartdata.svDb()
-  public deliveredAt: Date;
+  public deliveredAt!: Date;
 
   /**
    * Sender domain (for querying/filtering)
    */
   @plugins.smartdata.svDb()
-  public senderDomain: string;
+  public senderDomain!: string;
 
   /**
    * Priority level (higher = more important)
@@ -131,7 +131,7 @@ export class CachedEmail extends CachedDocument<CachedEmail> {
    * JSON-serialized route data
    */
   @plugins.smartdata.svDb()
-  public routeData: string;
+  public routeData!: string;
 
   /**
    * DKIM signature status

package/ts/cache/documents/classes.cached.ip.reputation.ts

@@ -45,61 +45,61 @@ export class CachedIPReputation extends CachedDocument<CachedIPReputation> {
    */
   @plugins.smartdata.unI()
   @plugins.smartdata.svDb()
-  public ipAddress: string;
+  public ipAddress!: string;
 
   /**
    * Reputation score (0-100, higher = better)
    */
   @plugins.smartdata.svDb()
-  public score: number;
+  public score!: number;
 
   /**
    * Whether the IP is flagged as spam source
    */
   @plugins.smartdata.svDb()
-  public isSpam: boolean;
+  public isSpam!: boolean;
 
   /**
    * Whether the IP is a known proxy
    */
   @plugins.smartdata.svDb()
-  public isProxy: boolean;
+  public isProxy!: boolean;
 
   /**
    * Whether the IP is a Tor exit node
    */
   @plugins.smartdata.svDb()
-  public isTor: boolean;
+  public isTor!: boolean;
 
   /**
    * Whether the IP is a VPN endpoint
    */
   @plugins.smartdata.svDb()
-  public isVPN: boolean;
+  public isVPN!: boolean;
 
   /**
    * Country code (ISO 3166-1 alpha-2)
    */
   @plugins.smartdata.svDb()
-  public country: string;
+  public country!: string;
 
   /**
    * Autonomous System Number
    */
   @plugins.smartdata.svDb()
-  public asn: string;
+  public asn!: string;
 
   /**
    * Organization name
    */
   @plugins.smartdata.svDb()
-  public org: string;
+  public org!: string;
 
   /**
    * List of blacklists the IP appears on
    */
   @plugins.smartdata.svDb()
-  public blacklists: string[];
+  public blacklists!: string[];
 
   /**
    * Number of times this IP has been checked

package/ts/classes.dcrouter.ts

@@ -215,7 +215,7 @@ export class DcRouter {
   public emailServer?: UnifiedEmailServer;
   public radiusServer?: RadiusServer;
   public storageManager: StorageManager;
-  public opsServer: OpsServer;
+  public opsServer!: OpsServer;
   public metricsManager?: MetricsManager;
 
   // Cache system (smartdata + LocalTsmDb)
@@ -448,7 +448,7 @@ export class DcRouter {
     }
 
     // DNS Server: optional, depends on SmartProxy
-    if (this.options.dnsNsDomains?.length > 0 && this.options.dnsScopes?.length > 0) {
+    if (this.options.dnsNsDomains && this.options.dnsNsDomains.length > 0 && this.options.dnsScopes && this.options.dnsScopes.length > 0) {
       this.serviceManager.addService(
         new plugins.taskbuffer.Service('DnsServer')
           .optional()
@@ -787,7 +787,7 @@ export class DcRouter {
             eventComms.log(`Attempting DNS-01 via SmartAcme for ${domain}`);
             eventComms.setSource('smartacme-dns-01');
             const isWildcardDomain = domain.startsWith('*.');
-            const cert = await this.smartAcme.getCertificateForDomain(domain, {
+            const cert = await this.smartAcme!.getCertificateForDomain(domain, {
               includeWildcard: !isWildcardDomain,
             });
             if (cert.validUntil) {
@@ -806,10 +806,10 @@ export class DcRouter {
             // Success — clear any backoff
             await scheduler.clearBackoff(domain);
             return result;
-          } catch (err) {
+          } catch (err: unknown) {
             // Record failure for backoff tracking
-            await scheduler.recordFailure(domain, err.message);
-            eventComms.warn(`SmartAcme DNS-01 failed for ${domain}: ${err.message}, falling back to http-01`);
+            await scheduler.recordFailure(domain, (err as Error).message);
+            eventComms.warn(`SmartAcme DNS-01 failed for ${domain}: ${(err as Error).message}, falling back to http-01`);
             return 'http01';
           }
         };
@@ -1248,21 +1248,21 @@ export class DcRouter {
     // Wire delivery events to MetricsManager and logger
     if (this.metricsManager && this.emailServer.deliverySystem) {
       this.emailServer.deliverySystem.on('deliveryStart', (item: any) => {
-        this.metricsManager.trackEmailReceived(item?.from);
+        this.metricsManager!.trackEmailReceived(item?.from);
         logger.log('info', `Email delivery started: ${item?.from} → ${item?.to}`, { zone: 'email' });
       });
       this.emailServer.deliverySystem.on('deliverySuccess', (item: any) => {
-        this.metricsManager.trackEmailSent(item?.to);
+        this.metricsManager!.trackEmailSent(item?.to);
         logger.log('info', `Email delivered to ${item?.to}`, { zone: 'email' });
       });
       this.emailServer.deliverySystem.on('deliveryFailed', (item: any, error: any) => {
-        this.metricsManager.trackEmailFailed(item?.to, error?.message);
+        this.metricsManager!.trackEmailFailed(item?.to, error?.message);
         logger.log('warn', `Email delivery failed to ${item?.to}: ${error?.message}`, { zone: 'email' });
       });
     }
     if (this.metricsManager && this.emailServer) {
       this.emailServer.on('bounceProcessed', () => {
-        this.metricsManager.trackEmailBounced();
+        this.metricsManager!.trackEmailBounced();
         logger.log('warn', 'Email bounce processed', { zone: 'email' });
       });
     }
@@ -1305,12 +1305,12 @@ export class DcRouter {
       }
       
       logger.log('info', 'All unified email components stopped');
-    } catch (error) {
-      logger.log('error', `Error stopping unified email components: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Error stopping unified email components: ${(error as Error).message}`);
       throw error;
     }
   }
-  
+
   /**
    * Update domain rules for email routing
    * @param rules New domain rules to apply
@@ -1468,7 +1468,7 @@ export class DcRouter {
       this.dnsServer.on('query', (event: plugins.smartdns.dnsServerMod.IDnsQueryCompletedEvent) => {
         // Metrics tracking
         for (const question of event.questions) {
-          this.metricsManager.trackDnsQuery(
+          this.metricsManager?.trackDnsQuery(
             question.type,
             question.name,
             false,
@@ -1553,8 +1553,8 @@ export class DcRouter {
         // Use the built-in socket handler from smartdns
         // This handles HTTP/2, DoH protocol, etc.
         await (this.dnsServer as any).handleHttpsSocket(socket);
-      } catch (error) {
-        logger.log('error', `DNS socket handler error: ${error.message}`);
+      } catch (error: unknown) {
+        logger.log('error', `DNS socket handler error: ${(error as Error).message}`);
         if (!socket.destroyed) {
           socket.destroy();
         }
@@ -1695,14 +1695,14 @@ export class DcRouter {
           } else {
             logger.log('warn', `Invalid DKIM record structure in ${file}`);
           }
-        } catch (error) {
-          logger.log('error', `Failed to load DKIM record from ${file}: ${error.message}`);
+        } catch (error: unknown) {
+          logger.log('error', `Failed to load DKIM record from ${file}: ${(error as Error).message}`);
         }
       }
-    } catch (error) {
-      logger.log('error', `Failed to load DKIM records: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('error', `Failed to load DKIM records: ${(error as Error).message}`);
     }
-    
+
     return records;
   }
   
@@ -1734,11 +1734,11 @@ export class DcRouter {
         // This ensures keys are ready even if DNS mode changes later
         await dkimCreator.handleDKIMKeysForDomain(domainConfig.domain);
         logger.log('info', `DKIM keys initialized for ${domainConfig.domain}`);
-      } catch (error) {
-        logger.log('error', `Failed to initialize DKIM for ${domainConfig.domain}: ${error.message}`);
+      } catch (error: unknown) {
+        logger.log('error', `Failed to initialize DKIM for ${domainConfig.domain}: ${(error as Error).message}`);
       }
     }
-    
+
     logger.log('info', 'DKIM initialization complete');
   }
   
@@ -1779,10 +1779,10 @@ export class DcRouter {
         } else {
           logger.log('warn', 'Could not auto-discover public IPv4 address');
         }
-      } catch (error) {
-        logger.log('error', `Failed to auto-discover public IP: ${error.message}`);
+      } catch (error: unknown) {
+        logger.log('error', `Failed to auto-discover public IP: ${(error as Error).message}`);
       }
-      
+
       if (!publicIp) {
         logger.log('warn', 'No public IP available. Nameserver A records require either proxyIps, publicIp, or successful auto-discovery.');
       }
@@ -1876,8 +1876,8 @@ export class DcRouter {
       }
       
       return null;
-    } catch (error) {
-      logger.log('warn', `Failed to detect public IP: ${error.message}`);
+    } catch (error: unknown) {
+      logger.log('warn', `Failed to detect public IP: ${(error as Error).message}`);
       return null;
     }
   }
@@ -1911,8 +1911,8 @@ export class DcRouter {
         const keyPem = plugins.fs.readFileSync(riCfg.tls.keyPath, 'utf8');
         tlsConfig = { certPem, keyPem };
         logger.log('info', 'Using explicit TLS cert/key for RemoteIngress tunnel');
-      } catch (err) {
-        logger.log('warn', `Failed to read RemoteIngress TLS cert/key files: ${err.message}`);
+      } catch (err: unknown) {
+        logger.log('warn', `Failed to read RemoteIngress TLS cert/key files: ${(err as Error).message}`);
       }
     }
 

package/ts/config/validator.ts

@@ -170,7 +170,7 @@ export class ConfigValidator {
                 } else if (rules.items.schema && itemType === 'object') {
                   const itemResult = this.validate(value[i], rules.items.schema);
                   if (!itemResult.valid) {
-                    errors.push(...itemResult.errors.map(err => `${key}[${i}].${err}`));
+                    errors.push(...itemResult.errors!.map(err => `${key}[${i}].${err}`));
                   }
                 }
               }
@@ -181,7 +181,7 @@ export class ConfigValidator {
             if (rules.schema) {
               const nestedResult = this.validate(value, rules.schema);
               if (!nestedResult.valid) {
-                errors.push(...nestedResult.errors.map(err => `${key}.${err}`));
+                errors.push(...nestedResult.errors!.map(err => `${key}.${err}`));
               }
               validatedConfig[key] = nestedResult.config;
             }
@@ -233,8 +233,8 @@ export class ConfigValidator {
 
       // Apply defaults to array items
       if (result[key] && rules.type === 'array' && rules.items && rules.items.schema) {
-        result[key] = result[key].map(item => 
-          typeof item === 'object' ? this.applyDefaults(item, rules.items.schema) : item
+        result[key] = result[key].map(item =>
+          typeof item === 'object' ? this.applyDefaults(item, rules.items!.schema!) : item
         );
       }
     }
@@ -255,7 +255,7 @@ export class ConfigValidator {
     
     if (!result.valid) {
       throw new ValidationError(
-        `Configuration validation failed: ${result.errors.join(', ')}`,
+        `Configuration validation failed: ${result.errors!.join(', ')}`,
         'CONFIG_VALIDATION_ERROR',
         { data: { errors: result.errors } }
       );

package/ts/errors/base.errors.ts

@@ -227,7 +227,7 @@ export class PlatformError extends Error {
     const { retry } = this.context;
     if (!retry) return false;
     
-    return retry.currentRetry < retry.maxRetries;
+    return (retry.currentRetry ?? 0) < (retry.maxRetries ?? 0);
   }
 
   /**

package/ts/monitoring/classes.metricsmanager.ts

@@ -296,11 +296,11 @@ export class MetricsManager {
       const proxyMetrics = this.dcRouter.smartProxy ? this.dcRouter.smartProxy.getMetrics() : null;
       
       if (!proxyMetrics) {
-        return [];
+        return [] as Array<{ type: string; count: number; source: string; lastActivity: Date }>;
       }
-      
+
       const connectionsByRoute = proxyMetrics.connections.byRoute();
-      const connectionInfo = [];
+      const connectionInfo: Array<{ type: string; count: number; source: string; lastActivity: Date }> = [];
       
       for (const [routeName, count] of connectionsByRoute) {
         connectionInfo.push({
@@ -595,47 +595,84 @@ export class MetricsManager {
       const backendMetrics = proxyMetrics.backends.byBackend();
       const protocolCache = proxyMetrics.backends.detectedProtocols();
 
-      // Index protocol cache by "host:port"
-      const cacheByKey = new Map<string, (typeof protocolCache)[number]>();
+      // Group protocol cache entries by host:port so we can match them to backend metrics.
+      // The protocol cache is keyed by (host, port, domain) in Rust, so the same host:port
+      // can have multiple entries for different domains.
+      const cacheByBackend = new Map<string, (typeof protocolCache)[number][]>();
       for (const entry of protocolCache) {
-        cacheByKey.set(`${entry.host}:${entry.port}`, entry);
+        const backendKey = `${entry.host}:${entry.port}`;
+        let entries = cacheByBackend.get(backendKey);
+        if (!entries) {
+          entries = [];
+          cacheByBackend.set(backendKey, entries);
+        }
+        entries.push(entry);
       }
 
       const backends: Array<any> = [];
-      const seen = new Set<string>();
+      const seenCacheKeys = new Set<string>();
 
       for (const [key, bm] of backendMetrics) {
-        seen.add(key);
-        const cache = cacheByKey.get(key);
-        backends.push({
-          backend: key,
-          domain: cache?.domain ?? null,
-          protocol: bm.protocol,
-          activeConnections: bm.activeConnections,
-          totalConnections: bm.totalConnections,
-          connectErrors: bm.connectErrors,
-          handshakeErrors: bm.handshakeErrors,
-          requestErrors: bm.requestErrors,
-          avgConnectTimeMs: Math.round(bm.avgConnectTimeMs * 10) / 10,
-          poolHitRate: Math.round(bm.poolHitRate * 1000) / 1000,
-          h2Failures: bm.h2Failures,
-          h2Suppressed: cache?.h2Suppressed ?? false,
-          h3Suppressed: cache?.h3Suppressed ?? false,
-          h2CooldownRemainingSecs: cache?.h2CooldownRemainingSecs ?? null,
-          h3CooldownRemainingSecs: cache?.h3CooldownRemainingSecs ?? null,
-          h2ConsecutiveFailures: cache?.h2ConsecutiveFailures ?? null,
-          h3ConsecutiveFailures: cache?.h3ConsecutiveFailures ?? null,
-          h3Port: cache?.h3Port ?? null,
-          cacheAgeSecs: cache?.ageSecs ?? null,
-        });
+        const cacheEntries = cacheByBackend.get(key);
+        if (!cacheEntries || cacheEntries.length === 0) {
+          // No protocol cache entry — emit one row with backend metrics only
+          backends.push({
+            backend: key,
+            domain: null,
+            protocol: bm.protocol,
+            activeConnections: bm.activeConnections,
+            totalConnections: bm.totalConnections,
+            connectErrors: bm.connectErrors,
+            handshakeErrors: bm.handshakeErrors,
+            requestErrors: bm.requestErrors,
+            avgConnectTimeMs: Math.round(bm.avgConnectTimeMs * 10) / 10,
+            poolHitRate: Math.round(bm.poolHitRate * 1000) / 1000,
+            h2Failures: bm.h2Failures,
+            h2Suppressed: false,
+            h3Suppressed: false,
+            h2CooldownRemainingSecs: null,
+            h3CooldownRemainingSecs: null,
+            h2ConsecutiveFailures: null,
+            h3ConsecutiveFailures: null,
+            h3Port: null,
+            cacheAgeSecs: null,
+          });
+        } else {
+          // One row per domain, each enriched with the shared backend metrics
+          for (const cache of cacheEntries) {
+            const compositeKey = `${cache.host}:${cache.port}:${cache.domain ?? ''}`;
+            seenCacheKeys.add(compositeKey);
+            backends.push({
+              backend: key,
+              domain: cache.domain ?? null,
+              protocol: cache.protocol ?? bm.protocol,
+              activeConnections: bm.activeConnections,
+              totalConnections: bm.totalConnections,
+              connectErrors: bm.connectErrors,
+              handshakeErrors: bm.handshakeErrors,
+              requestErrors: bm.requestErrors,
+              avgConnectTimeMs: Math.round(bm.avgConnectTimeMs * 10) / 10,
+              poolHitRate: Math.round(bm.poolHitRate * 1000) / 1000,
+              h2Failures: bm.h2Failures,
+              h2Suppressed: cache.h2Suppressed,
+              h3Suppressed: cache.h3Suppressed,
+              h2CooldownRemainingSecs: cache.h2CooldownRemainingSecs,
+              h3CooldownRemainingSecs: cache.h3CooldownRemainingSecs,
+              h2ConsecutiveFailures: cache.h2ConsecutiveFailures,
+              h3ConsecutiveFailures: cache.h3ConsecutiveFailures,
+              h3Port: cache.h3Port,
+              cacheAgeSecs: cache.ageSecs,
+            });
+          }
+        }
       }
 
       // Include protocol cache entries with no matching backend metric
       for (const entry of protocolCache) {
-        const key = `${entry.host}:${entry.port}`;
-        if (!seen.has(key)) {
+        const compositeKey = `${entry.host}:${entry.port}:${entry.domain ?? ''}`;
+        if (!seenCacheKeys.has(compositeKey)) {
           backends.push({
-            backend: key,
+            backend: `${entry.host}:${entry.port}`,
             domain: entry.domain,
             protocol: entry.protocol,
             activeConnections: 0,

package/ts/opsserver/classes.opsserver.ts

@@ -7,7 +7,7 @@ import { requireValidIdentity, requireAdminIdentity } from './helpers/guards.js'
 
 export class OpsServer {
   public dcRouterRef: DcRouter;
-  public server: plugins.typedserver.utilityservers.UtilityWebsiteServer;
+  public server!: plugins.typedserver.utilityservers.UtilityWebsiteServer;
 
   // Main TypedRouter — unauthenticated endpoints (login/logout/verify) and own-auth handlers
   public typedrouter = new plugins.typedrequest.TypedRouter();
@@ -17,17 +17,17 @@ export class OpsServer {
   public adminRouter = new plugins.typedrequest.TypedRouter<{ request: { identity: interfaces.data.IIdentity } }>();
 
   // Handler instances
-  public adminHandler: handlers.AdminHandler;
-  private configHandler: handlers.ConfigHandler;
-  private logsHandler: handlers.LogsHandler;
-  private securityHandler: handlers.SecurityHandler;
-  private statsHandler: handlers.StatsHandler;
-  private radiusHandler: handlers.RadiusHandler;
-  private emailOpsHandler: handlers.EmailOpsHandler;
-  private certificateHandler: handlers.CertificateHandler;
-  private remoteIngressHandler: handlers.RemoteIngressHandler;
-  private routeManagementHandler: handlers.RouteManagementHandler;
-  private apiTokenHandler: handlers.ApiTokenHandler;
+  public adminHandler!: handlers.AdminHandler;
+  private configHandler!: handlers.ConfigHandler;
+  private logsHandler!: handlers.LogsHandler;
+  private securityHandler!: handlers.SecurityHandler;
+  private statsHandler!: handlers.StatsHandler;
+  private radiusHandler!: handlers.RadiusHandler;
+  private emailOpsHandler!: handlers.EmailOpsHandler;
+  private certificateHandler!: handlers.CertificateHandler;
+  private remoteIngressHandler!: handlers.RemoteIngressHandler;
+  private routeManagementHandler!: handlers.RouteManagementHandler;
+  private apiTokenHandler!: handlers.ApiTokenHandler;
 
   constructor(dcRouterRefArg: DcRouter) {
     this.dcRouterRef = dcRouterRefArg;
@@ -39,7 +39,7 @@ export class OpsServer {
   public async start() {
     this.server = new plugins.typedserver.utilityservers.UtilityWebsiteServer({
       domain: 'localhost',
-      feedMetadata: null,
+      feedMetadata: undefined,
       serveDir: paths.distServe,
     });
     

package/ts/opsserver/handlers/admin.handler.ts

@@ -12,7 +12,7 @@ export class AdminHandler {
   public typedrouter = new plugins.typedrequest.TypedRouter();
   
   // JWT instance
-  public smartjwtInstance: plugins.smartjwt.SmartJwt<IJwtData>;
+  public smartjwtInstance!: plugins.smartjwt.SmartJwt<IJwtData>;
   
   // Simple in-memory user storage (in production, use proper database)
   private users = new Map<string, {

package/ts/opsserver/handlers/certificate.handler.ts

@@ -311,8 +311,8 @@ export class CertificateHandler {
         }
       }
       return { success: true, message: `Certificate reprovisioning triggered for route '${routeName}'` };
-    } catch (err) {
-      return { success: false, message: err.message || 'Failed to reprovision certificate' };
+    } catch (err: unknown) {
+      return { success: false, message: (err as Error).message || 'Failed to reprovision certificate' };
     }
   }
 
@@ -340,8 +340,8 @@ export class CertificateHandler {
       try {
         await dcRouter.smartAcme.getCertificateForDomain(domain);
         return { success: true, message: `Certificate reprovisioning triggered for domain '${domain}'` };
-      } catch (err) {
-        return { success: false, message: err.message || `Failed to reprovision certificate for ${domain}` };
+      } catch (err: unknown) {
+        return { success: false, message: (err as Error).message || `Failed to reprovision certificate for ${domain}` };
       }
     }
 
@@ -351,8 +351,8 @@ export class CertificateHandler {
       try {
         await smartProxy.provisionCertificate(routeNames[0]);
         return { success: true, message: `Certificate reprovisioning triggered for domain '${domain}' via route '${routeNames[0]}'` };
-      } catch (err) {
-        return { success: false, message: err.message || `Failed to reprovision certificate for ${domain}` };
+      } catch (err: unknown) {
+        return { success: false, message: (err as Error).message || `Failed to reprovision certificate for ${domain}` };
       }
     }
 

package/ts/opsserver/handlers/radius.handler.ts

@@ -52,8 +52,8 @@ export class RadiusHandler {
           try {
             await radiusServer.addClient(dataArg.client);
             return { success: true };
-          } catch (error) {
-            return { success: false, message: error.message };
+          } catch (error: unknown) {
+            return { success: false, message: (error as Error).message };
           }
         }
       )
@@ -144,8 +144,8 @@ export class RadiusHandler {
                 updatedAt: mapping.updatedAt,
               },
             };
-          } catch (error) {
-            return { success: false, message: error.message };
+          } catch (error: unknown) {
+            return { success: false, message: (error as Error).message };
           }
         }
       )

package/ts/opsserver/handlers/stats.handler.ts

@@ -279,7 +279,7 @@ export class StatsHandler {
           if (sections.network && this.opsServerRef.dcRouterRef.metricsManager) {
             promises.push(
               (async () => {
-                const stats = await this.opsServerRef.dcRouterRef.metricsManager.getNetworkStats();
+                const stats = await this.opsServerRef.dcRouterRef.metricsManager!.getNetworkStats();
                 const serverStats = await this.collectServerStats();
 
                 // Build per-IP bandwidth lookup from throughputByIP