@syntero/orca-cli 1.2.1 → 1.2.3

package/dist/assistant/openai.js

@@ -0,0 +1,303 @@
+import { resolveAzureDeployment } from '../providers.js';
+import { loadCredentials } from '../auth.js';
+import { ModelRegistry } from '../models.js';
+import { TOOLS_OPENAI, } from '../tools.js';
+import { SYSTEM_PROMPT, SUMMARIZATION_PROMPT } from './prompts.js';
+import { executeToolCalls, injectQueuedMessage } from './helpers.js';
+/**
+ * Resolve the OpenAI/Azure model name and registry ID.
+ */
+export function resolveOpenAIModel(settings, isAzure) {
+    if (isAzure) {
+        const modelIdForRegistry = settings.azure.deployment;
+        const creds = loadCredentials();
+        const model = creds?.llm
+            ? resolveAzureDeployment(settings.azure.deployment, creds.llm)
+            : settings.azure.deployment;
+        return { model, modelIdForRegistry };
+    }
+    return { model: settings.openai.model, modelIdForRegistry: settings.openai.model };
+}
+/**
+ * Convert Anthropic message history to OpenAI message format.
+ */
+export function convertMessagesToOpenAI(messages) {
+    const openaiMessages = [{ role: 'system', content: SYSTEM_PROMPT }];
+    for (const msg of messages) {
+        if (msg.role === 'user') {
+            if (Array.isArray(msg.content)) {
+                for (const item of msg.content) {
+                    if (item.type === 'tool_result') {
+                        openaiMessages.push({
+                            role: 'tool',
+                            tool_call_id: item.tool_use_id || '',
+                            content: item.content || '',
+                        });
+                    }
+                }
+            }
+            else {
+                openaiMessages.push({ role: 'user', content: msg.content });
+            }
+        }
+        else if (msg.role === 'assistant') {
+            if (Array.isArray(msg.content)) {
+                const toolCallsArr = [];
+                let textContent = '';
+                for (const item of msg.content) {
+                    if (item.type === 'text') {
+                        textContent = item.text || '';
+                    }
+                    else if (item.type === 'tool_use') {
+                        toolCallsArr.push({
+                            id: item.id || '',
+                            type: 'function',
+                            function: {
+                                name: item.name || '',
+                                arguments: JSON.stringify(item.input || {}),
+                            },
+                        });
+                    }
+                }
+                const assistantMsg = {
+                    role: 'assistant',
+                    content: textContent || null,
+                };
+                if (toolCallsArr.length > 0) {
+                    assistantMsg.tool_calls = toolCallsArr;
+                }
+                openaiMessages.push(assistantMsg);
+            }
+        }
+    }
+    return openaiMessages;
+}
+/**
+ * Run assistant with OpenAI/Azure API with streaming.
+ * @param getQueuedMessage - Optional callback to check for queued messages at each iteration
+ * @param confirmCommand - Optional callback to confirm dangerous commands
+ * @param approvedCategories - Set of command categories approved for the session
+ */
+export async function* runAssistantOpenAI(client, settings, userMessage, messages, isAzure = false, signal, getQueuedMessage, confirmCommand, approvedCategories) {
+    const { model, modelIdForRegistry } = resolveOpenAIModel(settings, isAzure);
+    const openaiMessages = convertMessagesToOpenAI(messages);
+    openaiMessages.push({ role: 'user', content: userMessage });
+    messages.push({ role: 'user', content: userMessage });
+    while (true) {
+        // Check for queued messages at the start of each iteration
+        const queuedMessage = getQueuedMessage?.();
+        if (queuedMessage) {
+            yield* injectQueuedMessage(queuedMessage, messages, openaiMessages);
+        }
+        let responseText = '';
+        const toolCalls = {};
+        let currentToolId = null;
+        // Build request options with dynamic max_tokens parameter based on model ID (not deployment name)
+        const maxTokensParam = ModelRegistry.getMaxTokensParam(modelIdForRegistry);
+        const maxTokensValue = ModelRegistry.getMaxTokens(modelIdForRegistry);
+        // Use type assertion through unknown to handle dynamic property names
+        const baseOptions = {
+            model,
+            messages: openaiMessages,
+            tools: TOOLS_OPENAI,
+            stream: true,
+        };
+        const streamOptions = maxTokensParam === 'max_completion_tokens'
+            ? { ...baseOptions, max_completion_tokens: maxTokensValue }
+            : { ...baseOptions, max_tokens: maxTokensValue };
+        const stream = await client.chat.completions.create(streamOptions, { signal });
+        let finishReason = null;
+        for await (const chunk of stream) {
+            const delta = chunk.choices[0]?.delta;
+            finishReason = chunk.choices[0]?.finish_reason || null;
+            if (delta) {
+                if (delta.content) {
+                    yield delta.content;
+                    responseText += delta.content;
+                }
+                if (delta.tool_calls) {
+                    for (const tc of delta.tool_calls) {
+                        if (tc.id) {
+                            currentToolId = tc.id;
+                            toolCalls[currentToolId] = {
+                                id: tc.id,
+                                name: tc.function?.name || '',
+                                input: '',
+                            };
+                        }
+                        if (tc.function?.arguments && currentToolId) {
+                            toolCalls[currentToolId].input += tc.function.arguments;
+                        }
+                    }
+                }
+            }
+        }
+        // Build assistant message
+        const assistantContent = [];
+        if (responseText) {
+            assistantContent.push({ type: 'text', text: responseText });
+        }
+        const openaiAssistantMsg = {
+            role: 'assistant',
+            content: responseText || null,
+        };
+        if (Object.keys(toolCalls).length > 0) {
+            openaiAssistantMsg.tool_calls = Object.values(toolCalls).map((tc) => ({
+                id: tc.id,
+                type: 'function',
+                function: {
+                    name: tc.name,
+                    arguments: tc.input,
+                },
+            }));
+            for (const tc of Object.values(toolCalls)) {
+                try {
+                    tc.input = tc.input ? JSON.parse(tc.input) : {};
+                }
+                catch {
+                    tc.input = {};
+                }
+                assistantContent.push({
+                    type: 'tool_use',
+                    id: tc.id,
+                    name: tc.name,
+                    input: tc.input,
+                });
+            }
+        }
+        openaiMessages.push(openaiAssistantMsg);
+        messages.push({ role: 'assistant', content: assistantContent });
+        if (finishReason === 'tool_calls' && Object.keys(toolCalls).length > 0) {
+            const { anthropicResults, openaiResults } = yield* executeToolCalls(Object.values(toolCalls), confirmCommand, approvedCategories);
+            for (const r of openaiResults) {
+                openaiMessages.push({ role: 'tool', tool_call_id: r.tool_call_id, content: r.content });
+            }
+            messages.push({ role: 'user', content: anthropicResults });
+        }
+        else {
+            break;
+        }
+    }
+    return messages;
+}
+/**
+ * Run assistant with OpenAI/Azure API without streaming.
+ * Fetches complete responses in a single request to eliminate screen jitter.
+ * @param getQueuedMessage - Optional callback to check for queued messages at each iteration
+ * @param confirmCommand - Optional callback to confirm dangerous commands
+ * @param approvedCategories - Set of command categories approved for the session
+ */
+export async function* runAssistantOpenAINonStreaming(client, settings, userMessage, messages, isAzure = false, signal, getQueuedMessage, confirmCommand, approvedCategories) {
+    const { model, modelIdForRegistry } = resolveOpenAIModel(settings, isAzure);
+    const openaiMessages = convertMessagesToOpenAI(messages);
+    openaiMessages.push({ role: 'user', content: userMessage });
+    messages.push({ role: 'user', content: userMessage });
+    while (true) {
+        // Check for queued messages at the start of each iteration
+        const queuedMessage = getQueuedMessage?.();
+        if (queuedMessage) {
+            yield* injectQueuedMessage(queuedMessage, messages, openaiMessages);
+        }
+        // Build request options with dynamic max_tokens parameter based on model ID (not deployment name)
+        const maxTokensParam = ModelRegistry.getMaxTokensParam(modelIdForRegistry);
+        const maxTokensValue = ModelRegistry.getMaxTokens(modelIdForRegistry);
+        // Non-streaming request - no stream option
+        const baseOptions = {
+            model,
+            messages: openaiMessages,
+            tools: TOOLS_OPENAI,
+        };
+        const requestOptions = maxTokensParam === 'max_completion_tokens'
+            ? { ...baseOptions, max_completion_tokens: maxTokensValue }
+            : { ...baseOptions, max_tokens: maxTokensValue };
+        const response = await client.chat.completions.create(requestOptions, { signal });
+        const choice = response.choices[0];
+        const responseText = choice?.message?.content || '';
+        const toolCallsResponse = choice?.message?.tool_calls || [];
+        const finishReason = choice?.finish_reason || null;
+        // Yield the complete response text at once
+        if (responseText) {
+            yield responseText;
+        }
+        // Build assistant message
+        const assistantContent = [];
+        if (responseText) {
+            assistantContent.push({ type: 'text', text: responseText });
+        }
+        const openaiAssistantMsg = {
+            role: 'assistant',
+            content: responseText || null,
+        };
+        const toolCalls = {};
+        // Filter for function-type tool calls only
+        const functionToolCalls = toolCallsResponse.filter(tc => tc.type === 'function');
+        if (functionToolCalls.length > 0) {
+            openaiAssistantMsg.tool_calls = functionToolCalls.map((tc) => ({
+                id: tc.id,
+                type: 'function',
+                function: {
+                    name: tc.function.name,
+                    arguments: tc.function.arguments,
+                },
+            }));
+            for (const tc of functionToolCalls) {
+                const funcTc = tc;
+                let parsedInput;
+                try {
+                    parsedInput = funcTc.function.arguments ? JSON.parse(funcTc.function.arguments) : {};
+                }
+                catch {
+                    parsedInput = {};
+                }
+                toolCalls[funcTc.id] = {
+                    id: funcTc.id,
+                    name: funcTc.function.name,
+                    input: parsedInput,
+                };
+                assistantContent.push({
+                    type: 'tool_use',
+                    id: funcTc.id,
+                    name: funcTc.function.name,
+                    input: parsedInput,
+                });
+            }
+        }
+        openaiMessages.push(openaiAssistantMsg);
+        messages.push({ role: 'assistant', content: assistantContent });
+        if (finishReason === 'tool_calls' && Object.keys(toolCalls).length > 0) {
+            const { anthropicResults, openaiResults } = yield* executeToolCalls(Object.values(toolCalls), confirmCommand, approvedCategories);
+            for (const r of openaiResults) {
+                openaiMessages.push({ role: 'tool', tool_call_id: r.tool_call_id, content: r.content });
+            }
+            messages.push({ role: 'user', content: anthropicResults });
+        }
+        else {
+            break;
+        }
+    }
+    return messages;
+}
+/**
+ * Summarize a conversation using the OpenAI/Azure API.
+ */
+export async function summarizeWithOpenAI(client, settings, conversationText, isAzure) {
+    const { model, modelIdForRegistry } = resolveOpenAIModel(settings, isAzure);
+    // Build request options with dynamic max_tokens parameter based on model ID (not deployment name)
+    const maxTokensParam = ModelRegistry.getMaxTokensParam(modelIdForRegistry);
+    const baseOptions = {
+        model,
+        messages: [
+            { role: 'system', content: SUMMARIZATION_PROMPT },
+            {
+                role: 'user',
+                content: `Please summarize the following deployment troubleshooting conversation:\n\n${conversationText}`,
+            },
+        ],
+    };
+    const requestOptions = maxTokensParam === 'max_completion_tokens'
+        ? { ...baseOptions, max_completion_tokens: 2500 }
+        : { ...baseOptions, max_tokens: 2500 };
+    const response = await client.chat.completions.create(requestOptions);
+    return response.choices[0]?.message?.content || 'Unable to generate summary.';
+}
+//# sourceMappingURL=openai.js.map

package/dist/assistant/openai.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openai.js","sourceRoot":"","sources":["../../src/assistant/openai.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC7C,OAAO,EACL,YAAY,GACb,MAAM,aAAa,CAAC;AASrB,OAAO,EAAE,aAAa,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,cAAc,CAAC;AAErE;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAAkB,EAAE,OAAgB;IACrE,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,kBAAkB,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC;QACrD,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,KAAK,EAAE,GAAG;YACtB,CAAC,CAAC,sBAAsB,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU,EAAE,KAAK,CAAC,GAAG,CAAC;YAC9D,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC;QAC9B,OAAO,EAAE,KAAK,EAAE,kBAAkB,EAAE,CAAC;IACvC,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,kBAAkB,EAAE,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;AACrF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,QAA4B;IAClE,MAAM,cAAc,GAAoB,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,CAAC;IAErF,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,GAAG,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YACxB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/B,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;oBAC/B,IAAI,IAAI,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;wBAChC,cAAc,CAAC,IAAI,CAAC;4BAClB,IAAI,EAAE,MAAM;4BACZ,YAAY,EAAE,IAAI,CAAC,WAAW,IAAI,EAAE;4BACpC,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,EAAE;yBAC5B,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,IAAI,KAAK,WAAW,EAAE,CAAC;YACpC,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/B,MAAM,YAAY,GAAqB,EAAE,CAAC;gBAC1C,IAAI,WAAW,GAAG,EAAE,CAAC;gBAErB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;oBAC/B,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;wBACzB,WAAW,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;oBAChC,CAAC;yBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;wBACpC,YAAY,CAAC,IAAI,CAAC;4BAChB,EAAE,EAAE,IAAI,CAAC,EAAE,IAAI,EAAE;4BACjB,IAAI,EAAE,UAAU;4BAChB,QAAQ,EAAE;gCACR,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,EAAE;gCACrB,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;6BAC5C;yBACF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,MAAM,YAAY,GAAkB;oBAClC,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,WAAW,IAAI,IAAI;iBAC7B,CAAC;gBACF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC5B,YAAY,CAAC,UAAU,GAAG,YAAY,CAAC;gBACzC,CAAC;gBACD,cAAc,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACpC,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,kBAAkB,CACvC,MAAc,EACd,QAAkB,EAClB,WAAmB,EACnB,QAA4B,EAC5B,OAAO,GAAG,KAAK,EACf,MAAoB,EACpB,gBAAsC,EACtC,cAAuC,EACvC,kBAAgC;IAEhC,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC5E,MAAM,cAAc,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAEzD,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;IAC5D,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;IAEtD,OAAO,IAAI,EAAE,CAAC;QACZ,2DAA2D;QAC3D,MAAM,aAAa,GAAG,gBAAgB,EAAE,EAAE,CAAC;QAC3C,IAAI,aAAa,EAAE,CAAC;YAClB,KAAK,CAAC,CAAC,mBAAmB,CAAC,aAAa,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,YAAY,GAAG,EAAE,CAAC;QACtB,MAAM,SAAS,GAAiC,EAAE,CAAC;QACnD,IAAI,aAAa,GAAkB,IAAI,CAAC;QAExC,kGAAkG;QAClG,MAAM,cAAc,GAAG,aAAa,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,CAAC;QAC3E,MAAM,cAAc,GAAG,aAAa,CAAC,YAAY,CAAC,kBAAkB,CAAC,CAAC;QAEtE,sEAAsE;QACtE,MAAM,WAAW,GAAG;YAClB,KAAK;YACL,QAAQ,EAAE,cAAqD;YAC/D,KAAK,EAAE,YAA2C;YAClD,MAAM,EAAE,IAAa;SACtB,CAAC;QACF,MAAM,aAAa,GAAG,cAAc,KAAK,uBAAuB;YAC9D,CAAC,CAAC,EAAE,GAAG,WAAW,EAAE,qBAAqB,EAAE,cAAc,EAAE;YAC3D,CAAC,CAAC,EAAE,GAAG,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;QAEnD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CACjD,aAAa,EACb,EAAE,MAAM,EAAE,CACX,CAAC;QAEF,IAAI,YAAY,GAAkB,IAAI,CAAC;QAEvC,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YACjC,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC;YACtC,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,aAAa,IAAI,IAAI,CAAC;YAEvD,IAAI,KAAK,EAAE,CAAC;gBACV,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;oBAClB,MAAM,KAAK,CAAC,OAAO,CAAC;oBACpB,YAAY,IAAI,KAAK,CAAC,OAAO,CAAC;gBAChC,CAAC;gBACD,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;oBACrB,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;wBAClC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC;4BACV,aAAa,GAAG,EAAE,CAAC,EAAE,CAAC;4BACtB,SAAS,CAAC,aAAa,CAAC,GAAG;gCACzB,EAAE,EAAE,EAAE,CAAC,EAAE;gCACT,IAAI,EAAE,EAAE,CAAC,QAAQ,EAAE,IAAI,IAAI,EAAE;gCAC7B,KAAK,EAAE,EAAE;6BACV,CAAC;wBACJ,CAAC;wBACD,IAAI,EAAE,CAAC,QAAQ,EAAE,SAAS,IAAI,aAAa,EAAE,CAAC;4BAC5C,SAAS,CAAC,aAAa,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC1D,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,0BAA0B;QAC1B,MAAM,gBAAgB,GAA4B,EAAE,CAAC;QACrD,IAAI,YAAY,EAAE,CAAC;YACjB,gBAAgB,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,MAAM,kBAAkB,GAAkB;YACxC,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,YAAY,IAAI,IAAI;SAC9B,CAAC;QAEF,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtC,kBAAkB,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpE,EAAE,EAAE,EAAE,CAAC,EAAE;gBACT,IAAI,EAAE,UAAmB;gBACzB,QAAQ,EAAE;oBACR,IAAI,EAAE,EAAE,CAAC,IAAI;oBACb,SAAS,EAAE,EAAE,CAAC,KAAe;iBAC9B;aACF,CAAC,CAAC,CAAC;YAEJ,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1C,IAAI,CAAC;oBACH,EAAE,CAAC,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,KAAe,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC5D,CAAC;gBAAC,MAAM,CAAC;oBACP,EAAE,CAAC,KAAK,GAAG,EAAE,CAAC;gBAChB,CAAC;gBACD,gBAAgB,CAAC,IAAI,CAAC;oBACpB,IAAI,EAAE,UAAU;oBAChB,EAAE,EAAE,EAAE,CAAC,EAAE;oBACT,IAAI,EAAE,EAAE,CAAC,IAAI;oBACb,KAAK,EAAE,EAAE,CAAC,KAAgC;iBAC3C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,cAAc,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAEhE,IAAI,YAAY,KAAK,YAAY,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvE,MAAM,EAAE,gBAAgB,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC,CAAC,gBAAgB,CACjE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,cAAc,EAAE,kBAAkB,CAC7D,CAAC;YACF,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;gBAC9B,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC,YAAY,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAC1F,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC7D,CAAC;aAAM,CAAC;YACN,MAAM;QACR,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,SAAS,CAAC,CAAC,8BAA8B,CACnD,MAAc,EACd,QAAkB,EAClB,WAAmB,EACnB,QAA4B,EAC5B,OAAO,GAAG,KAAK,EACf,MAAoB,EACpB,gBAAsC,EACtC,cAAuC,EACvC,kBAAgC;IAEhC,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC5E,MAAM,cAAc,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAEzD,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;IAC5D,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;IAEtD,OAAO,IAAI,EAAE,CAAC;QACZ,2DAA2D;QAC3D,MAAM,aAAa,GAAG,gBAAgB,EAAE,EAAE,CAAC;QAC3C,IAAI,aAAa,EAAE,CAAC;YAClB,KAAK,CAAC,CAAC,mBAAmB,CAAC,aAAa,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;QACtE,CAAC;QAED,kGAAkG;QAClG,MAAM,cAAc,GAAG,aAAa,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,CAAC;QAC3E,MAAM,cAAc,GAAG,aAAa,CAAC,YAAY,CAAC,kBAAkB,CAAC,CAAC;QAEtE,2CAA2C;QAC3C,MAAM,WAAW,GAAG;YAClB,KAAK;YACL,QAAQ,EAAE,cAAqD;YAC/D,KAAK,EAAE,YAA2C;SACnD,CAAC;QACF,MAAM,cAAc,GAAG,cAAc,KAAK,uBAAuB;YAC/D,CAAC,CAAC,EAAE,GAAG,WAAW,EAAE,qBAAqB,EAAE,cAAc,EAAE;YAC3D,CAAC,CAAC,EAAE,GAAG,WAAW,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;QAEnD,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CACnD,cAAc,EACd,EAAE,MAAM,EAAE,CACX,CAAC;QAEF,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACnC,MAAM,YAAY,GAAG,MAAM,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC;QACpD,MAAM,iBAAiB,GAAG,MAAM,EAAE,OAAO,EAAE,UAAU,IAAI,EAAE,CAAC;QAC5D,MAAM,YAAY,GAAG,MAAM,EAAE,aAAa,IAAI,IAAI,CAAC;QAEnD,2CAA2C;QAC3C,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,YAAY,CAAC;QACrB,CAAC;QAED,0BAA0B;QAC1B,MAAM,gBAAgB,GAA4B,EAAE,CAAC;QACrD,IAAI,YAAY,EAAE,CAAC;YACjB,gBAAgB,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,CAAC;QAC9D,CAAC;QAED,MAAM,kBAAkB,GAAkB;YACxC,IAAI,EAAE,WAAW;YACjB,OAAO,EAAE,YAAY,IAAI,IAAI;SAC9B,CAAC;QAEF,MAAM,SAAS,GAAiC,EAAE,CAAC;QACnD,2CAA2C;QAC3C,MAAM,iBAAiB,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;QACjF,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,kBAAkB,CAAC,UAAU,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;gBAC7D,EAAE,EAAE,EAAE,CAAC,EAAE;gBACT,IAAI,EAAE,UAAmB;gBACzB,QAAQ,EAAE;oBACR,IAAI,EAAG,EAAwD,CAAC,QAAQ,CAAC,IAAI;oBAC7E,SAAS,EAAG,EAAwD,CAAC,QAAQ,CAAC,SAAS;iBACxF;aACF,CAAC,CAAC,CAAC;YAEJ,KAAK,MAAM,EAAE,IAAI,iBAAiB,EAAE,CAAC;gBACnC,MAAM,MAAM,GAAG,EAAmE,CAAC;gBACnF,IAAI,WAAoC,CAAC;gBACzC,IAAI,CAAC;oBACH,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvF,CAAC;gBAAC,MAAM,CAAC;oBACP,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;gBACD,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG;oBACrB,EAAE,EAAE,MAAM,CAAC,EAAE;oBACb,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;oBAC1B,KAAK,EAAE,WAAW;iBACnB,CAAC;gBACF,gBAAgB,CAAC,IAAI,CAAC;oBACpB,IAAI,EAAE,UAAU;oBAChB,EAAE,EAAE,MAAM,CAAC,EAAE;oBACb,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;oBAC1B,KAAK,EAAE,WAAW;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,cAAc,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAEhE,IAAI,YAAY,KAAK,YAAY,IAAI,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvE,MAAM,EAAE,gBAAgB,EAAE,aAAa,EAAE,GAAG,KAAK,CAAC,CAAC,gBAAgB,CACjE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,cAAc,EAAE,kBAAkB,CAC7D,CAAC;YACF,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;gBAC9B,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,CAAC,YAAY,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;YAC1F,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC,CAAC;QAC7D,CAAC;aAAM,CAAC;YACN,MAAM;QACR,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,MAAc,EACd,QAAkB,EAClB,gBAAwB,EACxB,OAAgB;IAEhB,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,GAAG,kBAAkB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAE5E,kGAAkG;IAClG,MAAM,cAAc,GAAG,aAAa,CAAC,iBAAiB,CAAC,kBAAkB,CAAC,CAAC;IAC3E,MAAM,WAAW,GAAG;QAClB,KAAK;QACL,QAAQ,EAAE;YACR,EAAE,IAAI,EAAE,QAAiB,EAAE,OAAO,EAAE,oBAAoB,EAAE;YAC1D;gBACE,IAAI,EAAE,MAAe;gBACrB,OAAO,EAAE,8EAA8E,gBAAgB,EAAE;aAC1G;SACF;KACF,CAAC;IACF,MAAM,cAAc,GAAG,cAAc,KAAK,uBAAuB;QAC/D,CAAC,CAAC,EAAE,GAAG,WAAW,EAAE,qBAAqB,EAAE,IAAI,EAAE;QACjD,CAAC,CAAC,EAAE,GAAG,WAAW,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;IAEzC,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IAEtE,OAAO,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,IAAI,6BAA6B,CAAC;AAChF,CAAC"}

package/dist/assistant/prompts.d.ts

@@ -0,0 +1,11 @@
+export declare const SYSTEM_PROMPT = "You are an expert deployment assistant for Orca, a workflow automation application.\n\n## Your Role\nHelp users install, configure, diagnose, and resolve deployment issues. You have FULL access to:\n- Run shell commands (curl, docker, docker compose, etc.)\n- Docker containers, logs, and configuration\n- Deployment files (docker-compose.yml, .env template)\n- The main application database (read-only SQL)\n- Management scripts via docker exec\n\n## Capabilities\nYou CAN and SHOULD:\n- Authenticate with GHCR to pull Orca images\n- Run docker compose commands (up, down, pull, restart)\n- Edit configuration files\n- Execute any shell command needed to help the user\n\nNote: Potentially dangerous commands (rm, git reset --hard, docker rm, etc.) will prompt the user for confirmation before execution. The user can approve individual commands or allow entire categories for the session.\n\n## Fresh Installation\nWhen a user asks to \"install\" Orca on a fresh machine:\n1. Check prerequisites: Docker and Docker Compose must be installed\n2. Authenticate with GHCR using the docker_login_ghcr tool (REQUIRED before pulling images)\n3. Download deployment files using the download_deployment_files tool (specify target directory like ~/orca or /opt/orca)\n4. Configure .env file:\n   - Copy .env.example to .env\n   - Auto-generate FLASK_SECRET_KEY using: python3 -c \"import secrets; print(secrets.token_hex(32))\"\n   - Auto-detect PUID (host user ID): id -u\n   - Auto-detect PGID (host group ID): id -g\n   - Auto-detect DOCKER_GID (cross-platform): stat -c '%g' /var/run/docker.sock 2>/dev/null || stat -f '%g' /var/run/docker.sock 2>/dev/null || echo \"Could not detect docker GID\"\n   - Auto-detect GUNICORN_WORKERS (2 per CPU core, min 2, max 12): CORES=$(nproc 2>/dev/null || sysctl -n hw.ncpu 2>/dev/null || echo 2); WORKERS=$((CORES * 2)); [ $WORKERS -lt 2 ] && WORKERS=2; [ $WORKERS -gt 12 ] && WORKERS=12; echo $WORKERS\n   IMPORTANT: PUID and PGID are critical for avoiding permission issues. They must match the host user running Docker.\n5. cd to deployment directory and run: docker compose pull\n6. Start services: docker compose up -d\n7. Wait for services to become healthy\n8. Configure CORS for LAN access (see below)\n9. **IMPORTANT**: After successful installation, use the save_deployment_dir tool to save the deployment directory path for future updates\n\nIMPORTANT: The user must run /token BEFORE installation to authenticate with the server.\nIf GHCR authentication or deployment file download fails, tell the user to run /token first.\n\n## CORS Configuration for LAN Access\nALWAYS configure CORS at the end of installation:\n1. Auto-detect the server's IP (cross-platform): hostname -I 2>/dev/null | awk '{print $1}' || ipconfig getifaddr en0 2>/dev/null || echo \"IP detection failed - ask user\"\n2. Read current cors_origins.json from the deployment directory\n3. Add both http:// and https:// origins for the detected IP (if not already present)\n4. Write the updated cors_origins.json\n5. Restart the backend: docker compose restart backend\n6. Display access URLs to the user:\n   - Local: http://localhost and https://localhost\n   - LAN: http://<detected-ip> and https://<detected-ip>\n\n## Container Discovery\nIMPORTANT: Never assume container names. Always discover them dynamically:\n```\ndocker ps --filter \"name=orca-\" --format \"{{.Names}}\"\n```\n\nTypical containers (names may vary):\n- Backend: Flask app (port 5000)\n- Frontend: Nginx/React (ports 80/443)\n- Redis: Caching\n- Sandbox containers: Per-org Python sandboxes (dynamic)\n- Runtime data containers: Per-org PostgreSQL (dynamic)\n\n## Running Management Scripts\nUse docker exec with the discovered backend container name:\n```\ndocker exec <backend-container> python -m backend.scripts.manage_users --list\ndocker exec <backend-container> python -m backend.scripts.manage_api_keys --list-orgs\n```\n\n## Creating Users\nIMPORTANT: When creating users with manage_users.py:\n1. ALWAYS use the org_id from check_auth_status tool (e.g., \"org-syntero\")\n2. Use simple alphanumeric passwords (letters and numbers only, no special characters)\n   - GOOD: 'SecurePass123', 'Admin2026xyz'\n   - BAD: Generated passwords with special chars like '-' or '_' can cause shell expansion issues\n3. **FIRST USER MUST BE super_admin** - Always use --role super_admin for the first user\n\nExample (first user during installation):\n```\ndocker exec <backend-container> python -m backend.scripts.manage_users \\\n  --email admin@example.com --password 'SecurePass123' --name 'Admin' \\\n  --org-id <org_id_from_check_auth_status> --org-name \"Organization Name\" \\\n  --role super_admin\n```\nThis ensures:\n- The sandbox container name (orca-sandbox-{org_id}) matches correctly for sync\n- The password is stored correctly without shell interpolation issues\n- The first user has full admin privileges to manage the system\n\n## Post-Installation Steps (IMPORTANT)\nAfter creating the super admin user, guide them through these steps:\n\n1. **Log in to Orca** at https://localhost or https://<server-ip> with the super admin credentials\n2. **Navigate to Super Admin Dashboard**: Click the user menu \u2192 \"Super Admin\"\n3. **Create organization containers**: In the Workspaces Manager, find the organization row and click \"Create Containers\" (or \"Recreate Containers\" if they exist)\n4. **Wait for containers to be ready**: The system creates:\n   - `orca-sandbox-{org_id}` - Python execution sandbox\n   - `orca-runtime-data-{org_id}` - PostgreSQL database for data_store\n\n**Why this is required:**\n- The CLI sync command needs a running sandbox container to write solution files to `/workspace/library/`\n- Without these containers, the sync will fail with \"container not found\" or permission errors\n- Each organization gets isolated containers with their own workspace volume\n\n**Verify containers exist:**\n```\ndocker ps --filter \"name=orca-sandbox-\" --filter \"name=orca-runtime-data-\"\n```\n\nOnly after containers are running can the user sync solutions using the CLI sync command.\n\n## Common Issues\n- Backend crash loops: Check logs for database/migration errors\n- Missing tables: Usually migration issues\n- Permission errors: UID/GID mismatches\n- Network issues: Check cors_origins.json and orca-network\n\n## Guidelines\n1. Discover container names first with docker ps\n2. Start with container status and logs\n3. Use inspect_env (not read_file) for .env\n4. Explain issues clearly with fix steps\n5. Be thorough but concise\n\n## Updating Installation\nWhen a user asks to \"update\" Orca:\n\n1. First, use the get_deployment_dir tool to find where Orca is installed\n2. If the deployment directory is not found, ask the user for the path\n3. Once you have the path, cd to that directory and run these steps:\n   a. docker rm -f orca-sandbox-keeper 2>/dev/null (remove sandbox keeper if running)\n   b. docker compose up -d --pull always --force-recreate --remove-orphans (pull stable images and force-recreate containers)\n   c. Wait for all services to be healthy by checking: docker ps --filter \"name=orca-\"\n   d. docker system prune -af (clean up old images)\n   e. Use rebuild_all_sandboxes to rebuild sandbox containers with the new image\n4. If the deployment directory was provided by the user (not from settings), save it using save_deployment_dir tool for future updates\n\n## Post-Update Container Management\nAfter updating (docker compose up -d --pull always), sandbox containers still run the OLD image.\nYou MUST rebuild or recreate containers to pick up the new image:\n\n- **rebuild_all_sandboxes**: Pulls latest sandbox image and rebuilds all sandbox containers.\n  Preserves workspace volumes (user data). Use this for routine updates.\n- **recreate_all_containers**: Removes ALL containers (sandbox, runtime-data, neo4j) for every\n  org, then creates them fresh. Preserves volumes. Use this when a major update requires\n  fresh containers for all types, not just sandboxes.\n\nBoth tools require cloud authentication (/token). Always use rebuild_all_sandboxes first.\nOnly use recreate_all_containers if instructed or if rebuild alone didn't resolve issues.\n\n## Troubleshooting Guide\nIMPORTANT: After downloading deployment files, ALWAYS read TROUBLESHOOTING.md first:\n```\ngrep_file({ pattern: \".\", path: \"TROUBLESHOOTING.md\", context_lines: 0 })\n```\nThis document contains critical guidance for installation and common issues.\n\nWhen diagnosing issues:\n1. Search TROUBLESHOOTING.md for error messages or symptoms\n2. Example: grep_file({ pattern: \"502\", path: \"TROUBLESHOOTING.md\", context_lines: 20 })\n3. Follow documented solutions before attempting custom fixes\n\n## Critical Behaviors (MUST FOLLOW)\n1. **NEVER ask users to run commands you can run yourself** - You have full shell access\n2. **VERIFY each step before proceeding**:\n   - After \"docker compose up -d\", ALWAYS run: docker ps --filter \"name=orca-\"\n   - If no containers shown, run \"docker compose ps -a\" and check logs\n   - Don't configure CORS until containers are verified running\n3. **Wait for async operations** - docker compose up may still be pulling images\n4. **Don't restart non-existent containers** - Verify containers exist first with docker ps\n5. **Act, don't over-explain** - Fix issues directly instead of theorizing\n6. **Always call save_deployment_dir** after successful installation\n";
+/**
+ * System prompt for conversation summarization.
+ * Instructs the model to create a concise but comprehensive summary.
+ */
+export declare const SUMMARIZATION_PROMPT = "You are a conversation summarizer. Create a comprehensive summary of a deployment troubleshooting conversation that preserves essential context for continuing the work.\n\nCapture with high fidelity:\n1. **Architectural Decisions**: Any design choices or configuration decisions made\n2. **Unresolved Issues**: Bugs, errors, or problems still pending\n3. **Key Findings**: Important discoveries during troubleshooting (specific error messages, root causes)\n4. **Implementation Details**: Commands that worked, configuration values, container names\n5. **Current State**: What is working, what is not\n6. **Next Steps**: Any planned actions or recommendations\n\nGuidelines:\n- Aim for 12-20% of the original conversation size\n- Preserve specific technical details (container names, error messages, config values)\n- Remove redundant tool outputs and repetitive exchanges\n- Keep context needed to continue troubleshooting without re-discovering information\n- Use structured format with clear sections\n\nRespond with ONLY the summary.";
+/**
+ * System prompt for generating conversation titles.
+ */
+export declare const TITLE_GENERATION_PROMPT = "Generate a short title (3-6 words) for this conversation. Return only the title, nothing else. No quotes, no punctuation at the end.";
+//# sourceMappingURL=prompts.d.ts.map

package/dist/assistant/prompts.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompts.d.ts","sourceRoot":"","sources":["../../src/assistant/prompts.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa,qwSA+KzB,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,oBAAoB,khCAiBF,CAAC;AAEhC;;GAEG;AACH,eAAO,MAAM,uBAAuB,yIAAyI,CAAC"}

package/dist/assistant/prompts.js

@@ -0,0 +1,203 @@
+export const SYSTEM_PROMPT = `You are an expert deployment assistant for Orca, a workflow automation application.
+
+## Your Role
+Help users install, configure, diagnose, and resolve deployment issues. You have FULL access to:
+- Run shell commands (curl, docker, docker compose, etc.)
+- Docker containers, logs, and configuration
+- Deployment files (docker-compose.yml, .env template)
+- The main application database (read-only SQL)
+- Management scripts via docker exec
+
+## Capabilities
+You CAN and SHOULD:
+- Authenticate with GHCR to pull Orca images
+- Run docker compose commands (up, down, pull, restart)
+- Edit configuration files
+- Execute any shell command needed to help the user
+
+Note: Potentially dangerous commands (rm, git reset --hard, docker rm, etc.) will prompt the user for confirmation before execution. The user can approve individual commands or allow entire categories for the session.
+
+## Fresh Installation
+When a user asks to "install" Orca on a fresh machine:
+1. Check prerequisites: Docker and Docker Compose must be installed
+2. Authenticate with GHCR using the docker_login_ghcr tool (REQUIRED before pulling images)
+3. Download deployment files using the download_deployment_files tool (specify target directory like ~/orca or /opt/orca)
+4. Configure .env file:
+   - Copy .env.example to .env
+   - Auto-generate FLASK_SECRET_KEY using: python3 -c "import secrets; print(secrets.token_hex(32))"
+   - Auto-detect PUID (host user ID): id -u
+   - Auto-detect PGID (host group ID): id -g
+   - Auto-detect DOCKER_GID (cross-platform): stat -c '%g' /var/run/docker.sock 2>/dev/null || stat -f '%g' /var/run/docker.sock 2>/dev/null || echo "Could not detect docker GID"
+   - Auto-detect GUNICORN_WORKERS (2 per CPU core, min 2, max 12): CORES=$(nproc 2>/dev/null || sysctl -n hw.ncpu 2>/dev/null || echo 2); WORKERS=$((CORES * 2)); [ $WORKERS -lt 2 ] && WORKERS=2; [ $WORKERS -gt 12 ] && WORKERS=12; echo $WORKERS
+   IMPORTANT: PUID and PGID are critical for avoiding permission issues. They must match the host user running Docker.
+5. cd to deployment directory and run: docker compose pull
+6. Start services: docker compose up -d
+7. Wait for services to become healthy
+8. Configure CORS for LAN access (see below)
+9. **IMPORTANT**: After successful installation, use the save_deployment_dir tool to save the deployment directory path for future updates
+
+IMPORTANT: The user must run /token BEFORE installation to authenticate with the server.
+If GHCR authentication or deployment file download fails, tell the user to run /token first.
+
+## CORS Configuration for LAN Access
+ALWAYS configure CORS at the end of installation:
+1. Auto-detect the server's IP (cross-platform): hostname -I 2>/dev/null | awk '{print $1}' || ipconfig getifaddr en0 2>/dev/null || echo "IP detection failed - ask user"
+2. Read current cors_origins.json from the deployment directory
+3. Add both http:// and https:// origins for the detected IP (if not already present)
+4. Write the updated cors_origins.json
+5. Restart the backend: docker compose restart backend
+6. Display access URLs to the user:
+   - Local: http://localhost and https://localhost
+   - LAN: http://<detected-ip> and https://<detected-ip>
+
+## Container Discovery
+IMPORTANT: Never assume container names. Always discover them dynamically:
+\`\`\`
+docker ps --filter "name=orca-" --format "{{.Names}}"
+\`\`\`
+
+Typical containers (names may vary):
+- Backend: Flask app (port 5000)
+- Frontend: Nginx/React (ports 80/443)
+- Redis: Caching
+- Sandbox containers: Per-org Python sandboxes (dynamic)
+- Runtime data containers: Per-org PostgreSQL (dynamic)
+
+## Running Management Scripts
+Use docker exec with the discovered backend container name:
+\`\`\`
+docker exec <backend-container> python -m backend.scripts.manage_users --list
+docker exec <backend-container> python -m backend.scripts.manage_api_keys --list-orgs
+\`\`\`
+
+## Creating Users
+IMPORTANT: When creating users with manage_users.py:
+1. ALWAYS use the org_id from check_auth_status tool (e.g., "org-syntero")
+2. Use simple alphanumeric passwords (letters and numbers only, no special characters)
+   - GOOD: 'SecurePass123', 'Admin2026xyz'
+   - BAD: Generated passwords with special chars like '-' or '_' can cause shell expansion issues
+3. **FIRST USER MUST BE super_admin** - Always use --role super_admin for the first user
+
+Example (first user during installation):
+\`\`\`
+docker exec <backend-container> python -m backend.scripts.manage_users \\
+  --email admin@example.com --password 'SecurePass123' --name 'Admin' \\
+  --org-id <org_id_from_check_auth_status> --org-name "Organization Name" \\
+  --role super_admin
+\`\`\`
+This ensures:
+- The sandbox container name (orca-sandbox-{org_id}) matches correctly for sync
+- The password is stored correctly without shell interpolation issues
+- The first user has full admin privileges to manage the system
+
+## Post-Installation Steps (IMPORTANT)
+After creating the super admin user, guide them through these steps:
+
+1. **Log in to Orca** at https://localhost or https://<server-ip> with the super admin credentials
+2. **Navigate to Super Admin Dashboard**: Click the user menu → "Super Admin"
+3. **Create organization containers**: In the Workspaces Manager, find the organization row and click "Create Containers" (or "Recreate Containers" if they exist)
+4. **Wait for containers to be ready**: The system creates:
+   - \`orca-sandbox-{org_id}\` - Python execution sandbox
+   - \`orca-runtime-data-{org_id}\` - PostgreSQL database for data_store
+
+**Why this is required:**
+- The CLI sync command needs a running sandbox container to write solution files to \`/workspace/library/\`
+- Without these containers, the sync will fail with "container not found" or permission errors
+- Each organization gets isolated containers with their own workspace volume
+
+**Verify containers exist:**
+\`\`\`
+docker ps --filter "name=orca-sandbox-" --filter "name=orca-runtime-data-"
+\`\`\`
+
+Only after containers are running can the user sync solutions using the CLI sync command.
+
+## Common Issues
+- Backend crash loops: Check logs for database/migration errors
+- Missing tables: Usually migration issues
+- Permission errors: UID/GID mismatches
+- Network issues: Check cors_origins.json and orca-network
+
+## Guidelines
+1. Discover container names first with docker ps
+2. Start with container status and logs
+3. Use inspect_env (not read_file) for .env
+4. Explain issues clearly with fix steps
+5. Be thorough but concise
+
+## Updating Installation
+When a user asks to "update" Orca:
+
+1. First, use the get_deployment_dir tool to find where Orca is installed
+2. If the deployment directory is not found, ask the user for the path
+3. Once you have the path, cd to that directory and run these steps:
+   a. docker rm -f orca-sandbox-keeper 2>/dev/null (remove sandbox keeper if running)
+   b. docker compose up -d --pull always --force-recreate --remove-orphans (pull stable images and force-recreate containers)
+   c. Wait for all services to be healthy by checking: docker ps --filter "name=orca-"
+   d. docker system prune -af (clean up old images)
+   e. Use rebuild_all_sandboxes to rebuild sandbox containers with the new image
+4. If the deployment directory was provided by the user (not from settings), save it using save_deployment_dir tool for future updates
+
+## Post-Update Container Management
+After updating (docker compose up -d --pull always), sandbox containers still run the OLD image.
+You MUST rebuild or recreate containers to pick up the new image:
+
+- **rebuild_all_sandboxes**: Pulls latest sandbox image and rebuilds all sandbox containers.
+  Preserves workspace volumes (user data). Use this for routine updates.
+- **recreate_all_containers**: Removes ALL containers (sandbox, runtime-data, neo4j) for every
+  org, then creates them fresh. Preserves volumes. Use this when a major update requires
+  fresh containers for all types, not just sandboxes.
+
+Both tools require cloud authentication (/token). Always use rebuild_all_sandboxes first.
+Only use recreate_all_containers if instructed or if rebuild alone didn't resolve issues.
+
+## Troubleshooting Guide
+IMPORTANT: After downloading deployment files, ALWAYS read TROUBLESHOOTING.md first:
+\`\`\`
+grep_file({ pattern: ".", path: "TROUBLESHOOTING.md", context_lines: 0 })
+\`\`\`
+This document contains critical guidance for installation and common issues.
+
+When diagnosing issues:
+1. Search TROUBLESHOOTING.md for error messages or symptoms
+2. Example: grep_file({ pattern: "502", path: "TROUBLESHOOTING.md", context_lines: 20 })
+3. Follow documented solutions before attempting custom fixes
+
+## Critical Behaviors (MUST FOLLOW)
+1. **NEVER ask users to run commands you can run yourself** - You have full shell access
+2. **VERIFY each step before proceeding**:
+   - After "docker compose up -d", ALWAYS run: docker ps --filter "name=orca-"
+   - If no containers shown, run "docker compose ps -a" and check logs
+   - Don't configure CORS until containers are verified running
+3. **Wait for async operations** - docker compose up may still be pulling images
+4. **Don't restart non-existent containers** - Verify containers exist first with docker ps
+5. **Act, don't over-explain** - Fix issues directly instead of theorizing
+6. **Always call save_deployment_dir** after successful installation
+`;
+/**
+ * System prompt for conversation summarization.
+ * Instructs the model to create a concise but comprehensive summary.
+ */
+export const SUMMARIZATION_PROMPT = `You are a conversation summarizer. Create a comprehensive summary of a deployment troubleshooting conversation that preserves essential context for continuing the work.
+
+Capture with high fidelity:
+1. **Architectural Decisions**: Any design choices or configuration decisions made
+2. **Unresolved Issues**: Bugs, errors, or problems still pending
+3. **Key Findings**: Important discoveries during troubleshooting (specific error messages, root causes)
+4. **Implementation Details**: Commands that worked, configuration values, container names
+5. **Current State**: What is working, what is not
+6. **Next Steps**: Any planned actions or recommendations
+
+Guidelines:
+- Aim for 12-20% of the original conversation size
+- Preserve specific technical details (container names, error messages, config values)
+- Remove redundant tool outputs and repetitive exchanges
+- Keep context needed to continue troubleshooting without re-discovering information
+- Use structured format with clear sections
+
+Respond with ONLY the summary.`;
+/**
+ * System prompt for generating conversation titles.
+ */
+export const TITLE_GENERATION_PROMPT = `Generate a short title (3-6 words) for this conversation. Return only the title, nothing else. No quotes, no punctuation at the end.`;
+//# sourceMappingURL=prompts.js.map

package/dist/assistant/prompts.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompts.js","sourceRoot":"","sources":["../../src/assistant/prompts.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA+K5B,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;;;;;;;;;;;;;;;;;+BAiBL,CAAC;AAEhC;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAAG,sIAAsI,CAAC"}

package/dist/assistant/summarize.d.ts

@@ -0,0 +1,32 @@
+import type { AnthropicMessage } from './types.js';
+import { Settings } from '../settings.js';
+import type { LLMClient } from '../providers.js';
+/**
+ * Extract readable text from conversation history for summarization.
+ */
+export declare function conversationToText(messages: AnthropicMessage[]): string;
+/**
+ * Summarize a conversation history.
+ * Uses the configured LLM provider to generate a concise summary.
+ *
+ * @param client - The LLM client
+ * @param settings - Current settings
+ * @param messages - The conversation history to summarize
+ * @param customInstructions - Optional custom instructions for what to preserve
+ * @returns A summary string to use as context for a new conversation
+ */
+export declare function summarizeConversation(client: LLMClient, settings: Settings, messages: AnthropicMessage[], customInstructions?: string): Promise<string>;
+/**
+ * Generate an AI-based title for a conversation.
+ * Uses the LLM to create a concise, descriptive title based on the conversation content.
+ *
+ * @param client - The LLM client
+ * @param settings - Current settings
+ * @param messages - The conversation messages (ChatMessage format)
+ * @returns A short title string, or null if generation fails
+ */
+export declare function generateAITitle(client: LLMClient, settings: Settings, messages: Array<{
+    role: string;
+    content: string;
+}>): Promise<string | null>;
+//# sourceMappingURL=summarize.d.ts.map

package/dist/assistant/summarize.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"summarize.d.ts","sourceRoot":"","sources":["../../src/assistant/summarize.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAInD,OAAO,EAAE,QAAQ,EAAY,MAAM,gBAAgB,CAAC;AACpD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAGjD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,gBAAgB,EAAE,GAAG,MAAM,CAiCvE;AAED;;;;;;;;;GASG;AACH,wBAAsB,qBAAqB,CACzC,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,QAAQ,EAClB,QAAQ,EAAE,gBAAgB,EAAE,EAC5B,kBAAkB,CAAC,EAAE,MAAM,GAC1B,OAAO,CAAC,MAAM,CAAC,CAqBjB;AAED;;;;;;;;GAQG;AACH,wBAAsB,eAAe,CACnC,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,QAAQ,EAClB,QAAQ,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,GACjD,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA2DxB"}