@tetrixdev/ai-bridge 0.1.0

package/dist/cli.js

@@ -0,0 +1,2686 @@
+#!/usr/bin/env node
+
+// src/cli.ts
+import { fileURLToPath } from "url";
+import { Command } from "commander";
+
+// src/bridge.ts
+import { EventEmitter } from "events";
+import crypto2 from "crypto";
+import WebSocket from "ws";
+
+// src/protocol/version.ts
+var PROTOCOL_VERSION = "0.1";
+var BRIDGE_VERSION = "0.1.0";
+
+// src/tools/manager.ts
+import fs from "fs";
+import path from "path";
+import os from "os";
+
+// src/utils/logger.ts
+var LEVEL_PRIORITY = {
+  debug: 0,
+  info: 1,
+  warn: 2,
+  error: 3
+};
+var LEVEL_LABEL = {
+  debug: "DBG",
+  info: "INF",
+  warn: "WRN",
+  error: "ERR"
+};
+var currentLevel = "info";
+function setDebug(enabled) {
+  currentLevel = enabled ? "debug" : "info";
+}
+function isDebugEnabled() {
+  return currentLevel === "debug";
+}
+function formatTimestamp() {
+  return (/* @__PURE__ */ new Date()).toISOString();
+}
+function shouldLog(level) {
+  return LEVEL_PRIORITY[level] >= LEVEL_PRIORITY[currentLevel];
+}
+function formatMessage(level, component, message, meta) {
+  const ts = formatTimestamp();
+  const label = LEVEL_LABEL[level];
+  const metaStr = meta ? " " + JSON.stringify(meta) : "";
+  return `${ts} [${label}] [${component}] ${message}${metaStr}`;
+}
+function createLogger(component) {
+  return {
+    debug(message, meta) {
+      if (shouldLog("debug")) {
+        process.stderr.write(formatMessage("debug", component, message, meta) + "\n");
+      }
+    },
+    info(message, meta) {
+      if (shouldLog("info")) {
+        process.stderr.write(formatMessage("info", component, message, meta) + "\n");
+      }
+    },
+    warn(message, meta) {
+      if (shouldLog("warn")) {
+        process.stderr.write(formatMessage("warn", component, message, meta) + "\n");
+      }
+    },
+    error(message, meta) {
+      if (shouldLog("error")) {
+        process.stderr.write(formatMessage("error", component, message, meta) + "\n");
+      }
+    }
+  };
+}
+
+// src/tools/manager.ts
+var log = createLogger("ToolManager");
+var SAFE_TOOL_NAME_PATTERN = /^[a-zA-Z][a-zA-Z0-9_-]{0,63}$/;
+var RESERVED_TOOL_NAMES = /* @__PURE__ */ new Set([
+  "curl",
+  "wget",
+  "node",
+  "npm",
+  "npx",
+  "bash",
+  "sh",
+  "zsh",
+  "python",
+  "python3",
+  "ruby",
+  "perl",
+  "git",
+  "ssh",
+  "scp",
+  "cat",
+  "ls",
+  "rm",
+  "cp",
+  "mv",
+  "chmod",
+  "chown",
+  "mkdir",
+  "kill",
+  "ps",
+  "env",
+  "sudo",
+  "su",
+  "tar",
+  "gzip",
+  "gunzip",
+  "openssl",
+  "nc",
+  "ncat",
+  "netcat",
+  "socat",
+  "find",
+  "grep",
+  "awk",
+  "sed",
+  "echo",
+  "printf",
+  "head",
+  "tail",
+  "wc",
+  "tee",
+  "test",
+  "true",
+  "false",
+  "xargs",
+  "sort",
+  "uniq",
+  "cut",
+  "tr",
+  "make"
+]);
+var ToolManager = class {
+  tools = /* @__PURE__ */ new Map();
+  scriptDir = null;
+  /** Names of tools most recently rejected by register(). */
+  rejectedTools = [];
+  /**
+   * Register tool definitions received from the server.
+   * Replaces any previously registered tools.
+   * Tool names are validated against a safe pattern and denylist.
+   */
+  register(tools) {
+    this.tools.clear();
+    const rejectedTools = [];
+    for (const tool of tools) {
+      if (!SAFE_TOOL_NAME_PATTERN.test(tool.name)) {
+        log.error("Rejected tool with unsafe name", {
+          name: tool.name.substring(0, 100),
+          reason: "Tool names must start with a letter and be 1-64 chars of alphanumeric/underscore/hyphen"
+        });
+        rejectedTools.push(tool.name.substring(0, 100));
+        continue;
+      }
+      if (RESERVED_TOOL_NAMES.has(tool.name.toLowerCase())) {
+        log.error("Rejected tool with reserved name", {
+          name: tool.name,
+          reason: "Tool name conflicts with a system binary"
+        });
+        rejectedTools.push(tool.name);
+        continue;
+      }
+      this.tools.set(tool.name, tool);
+    }
+    this.rejectedTools = rejectedTools;
+    if (rejectedTools.length > 0) {
+      log.warn("Tools rejected by name validation", {
+        count: rejectedTools.length,
+        names: rejectedTools
+      });
+    }
+    log.info("Registered tools", { accepted: this.tools.size, total: tools.length, names: Array.from(this.tools.keys()) });
+  }
+  /**
+   * Return the list of tool names rejected during the last register() call.
+   */
+  getRejectedToolNames() {
+    return this.rejectedTools;
+  }
+  /**
+   * Get a tool definition by name.
+   */
+  get(name) {
+    return this.tools.get(name);
+  }
+  /**
+   * Get all registered tool definitions.
+   */
+  getAll() {
+    return Array.from(this.tools.values());
+  }
+  /**
+   * Returns the number of registered tools.
+   */
+  count() {
+    return this.tools.size;
+  }
+  /**
+   * Returns the set of registered tool names.
+   * Useful for passing to ToolCallbackServer for validation.
+   */
+  getRegisteredNames() {
+    return new Set(this.tools.keys());
+  }
+  /**
+   * Generate temporary Bash wrapper scripts for all registered tools.
+   *
+   * Each script, when invoked by a CLI tool, will:
+   *   1. Collect arguments as JSON
+   *   2. Send them to the bridge process via a local HTTP callback
+   *   3. Wait for the result
+   *   4. Print the result to stdout
+   *
+   * @param callbackPort  The local HTTP port the bridge is listening on
+   *                      for tool call callbacks from spawned scripts.
+   * @param secret        Optional bearer token for callback server auth.
+   * @param timeoutMs     HTTP timeout for the callback request in ms.  Should
+   *                      match the server-configured request_timeout so the
+   *                      bash script does not outlive the bridge-side timeout.
+   *                      Defaults to 300 000 ms (5 min).
+   * @returns The path to the temporary directory containing the scripts.
+   */
+  generateScripts(callbackPort, secret, timeoutMs = 3e5) {
+    this.cleanupScripts();
+    this.scriptDir = fs.mkdtempSync(path.join(os.tmpdir(), "ai-bridge-tools-"));
+    log.debug("Created tool script directory", { dir: this.scriptDir });
+    for (const tool of this.tools.values()) {
+      const scriptPath = path.join(this.scriptDir, tool.name);
+      const scriptContent = this.buildScript(tool, callbackPort, secret, timeoutMs);
+      fs.writeFileSync(scriptPath, scriptContent, { mode: 448 });
+      log.debug("Generated tool script", { tool: tool.name, path: scriptPath });
+    }
+    return this.scriptDir;
+  }
+  /**
+   * Get the directory containing generated tool scripts, or null if
+   * scripts have not been generated yet.
+   */
+  getScriptDir() {
+    return this.scriptDir;
+  }
+  /**
+   * Remove all generated tool scripts and the temp directory.
+   */
+  cleanupScripts() {
+    if (this.scriptDir) {
+      try {
+        fs.rmSync(this.scriptDir, { recursive: true, force: true });
+        log.debug("Cleaned up tool script directory", { dir: this.scriptDir });
+      } catch (err) {
+        log.warn("Failed to clean up tool scripts", {
+          dir: this.scriptDir,
+          error: err instanceof Error ? err.message : String(err)
+        });
+      }
+      this.scriptDir = null;
+    }
+  }
+  /**
+   * Build the Bash script content for a single tool.
+   *
+   * Embeds the bearer token for callback server authentication.  Tool names
+   * are pre-validated by register() so they are safe to embed; tool
+   * descriptions are NOT included to prevent injection.
+   */
+  buildScript(tool, callbackPort, secret, timeoutMs = 3e5) {
+    const secretArg = secret ?? "";
+    return `#!/usr/bin/env bash
+# Auto-generated tool wrapper: ${tool.name}
+# DO NOT EDIT \u2014 regenerated on each bridge session.
+
+set -euo pipefail
+
+# Read arguments from stdin (the standard way AI CLIs pass tool args).
+STDIN_DATA=""
+if [ ! -t 0 ]; then
+  STDIN_DATA=$(cat)
+fi
+
+# Single Node.js invocation for input parsing, payload building, HTTP call,
+# and output extraction.
+node -e '
+const http = require("http");
+const stdinData = process.argv[1];
+const toolName = process.argv[2];
+const toolCallId = process.argv[3];
+const requestId = process.argv[4];
+const secret = process.argv[5];
+
+// Parse stdin as JSON, fall back to wrapping as {input: ...}
+let args = {};
+if (stdinData) {
+  try { args = JSON.parse(stdinData); } catch { args = { input: stdinData }; }
+}
+
+const payload = JSON.stringify({
+  tool_name: toolName,
+  tool_call_id: toolCallId,
+  arguments: args,
+  request_id: requestId
+});
+
+const headers = { "Content-Type": "application/json", "Content-Length": Buffer.byteLength(payload) };
+if (secret) headers["Authorization"] = "Bearer " + secret;
+
+const req = http.request({ hostname: "127.0.0.1", port: ${callbackPort}, path: "/tool-call", method: "POST", headers, timeout: ${timeoutMs} }, (res) => {
+  let body = "";
+  res.on("data", (c) => { body += c; });
+  res.on("end", () => {
+    try {
+      const r = JSON.parse(body);
+      if (r.error) { process.stderr.write(r.error + "\\n"); process.exit(1); }
+      process.stdout.write(r.result != null ? String(r.result) : "");
+    } catch {
+      process.stderr.write("Tool call failed: invalid response from bridge\\n");
+      process.exit(1);
+    }
+  });
+});
+req.on("error", (e) => { process.stderr.write("Tool call failed: " + e.message + "\\n"); process.exit(1); });
+req.write(payload);
+req.end();
+// The $RANDOM-based ID here is discarded \u2014 the callback server overrides it
+// with a cryptographically strong UUID before use.
+' "$STDIN_DATA" "${tool.name}" "tc_\${RANDOM}\${RANDOM}" "\${AI_BRIDGE_REQUEST_ID:-}" "${secretArg}"
+`;
+  }
+};
+
+// src/tools/resolver.ts
+var log2 = createLogger("ToolResolver");
+var ToolResolver = class {
+  pending = /* @__PURE__ */ new Map();
+  timeoutMs;
+  constructor(timeoutMs = 3e5) {
+    this.timeoutMs = timeoutMs;
+  }
+  /**
+   * Update the timeout duration (e.g. from the server's request_timeout config).
+   */
+  setTimeoutMs(ms) {
+    this.timeoutMs = ms;
+    log2.debug("Tool resolver timeout updated", { timeoutMs: ms });
+  }
+  /**
+   * Initiate a tool call and wait for the server's response.
+   *
+   * @param sendFn     Function to send the tool_call over WebSocket.
+   * @param requestId  The parent AI request ID.
+   * @param toolCallId Unique ID for this tool invocation.
+   * @param toolName   Name of the tool being called.
+   * @param args       Tool arguments.
+   * @returns The tool result from the server.
+   * @throws If the server returns a tool_error or the call times out.
+   */
+  call(sendFn, requestId, toolCallId, toolName, args) {
+    return new Promise((resolve, reject) => {
+      const timer = setTimeout(() => {
+        this.pending.delete(toolCallId);
+        const seconds = Math.round(this.timeoutMs / 1e3);
+        const minutes = Math.round(seconds / 60);
+        const humanDuration = seconds >= 60 ? `${minutes} ${minutes === 1 ? "minute" : "minutes"}` : `${seconds}s`;
+        reject(new Error(`Tool call ${toolName} (${toolCallId}) timed out after ${humanDuration}`));
+      }, this.timeoutMs);
+      this.pending.set(toolCallId, {
+        toolCallId,
+        toolName,
+        resolve,
+        reject,
+        timer
+      });
+      log2.debug("Sending tool call to server", { requestId, toolCallId, toolName });
+      sendFn(requestId, toolCallId, toolName, args);
+    });
+  }
+  /**
+   * Resolve a pending tool call with a successful result.
+   * Called by the Bridge when a `tool_resolve` message arrives.
+   */
+  resolve(toolCallId, result) {
+    const pending = this.pending.get(toolCallId);
+    if (!pending) {
+      log2.warn("Received tool_resolve for unknown tool_call_id", { toolCallId });
+      return false;
+    }
+    clearTimeout(pending.timer);
+    this.pending.delete(toolCallId);
+    log2.debug("Tool call resolved", { toolCallId, toolName: pending.toolName });
+    pending.resolve(result);
+    return true;
+  }
+  /**
+   * Reject a pending tool call with an error.
+   * Called by the Bridge when a `tool_error` message arrives.
+   */
+  reject(toolCallId, error) {
+    const pending = this.pending.get(toolCallId);
+    if (!pending) {
+      log2.warn("Received tool_error for unknown tool_call_id", { toolCallId });
+      return false;
+    }
+    clearTimeout(pending.timer);
+    this.pending.delete(toolCallId);
+    log2.debug("Tool call rejected", { toolCallId, toolName: pending.toolName, error });
+    pending.reject(new Error(`Tool error (${pending.toolName}): ${error}`));
+    return true;
+  }
+  /**
+   * Cancel all pending tool calls (e.g., on disconnect).
+   */
+  cancelAll() {
+    for (const [id, pending] of this.pending) {
+      clearTimeout(pending.timer);
+      pending.reject(new Error("Tool call cancelled \u2014 bridge disconnected"));
+    }
+    const count = this.pending.size;
+    this.pending.clear();
+    if (count > 0) {
+      log2.info("Cancelled all pending tool calls", { count });
+    }
+  }
+  /**
+   * Returns the number of tool calls currently awaiting resolution.
+   */
+  pendingCount() {
+    return this.pending.size;
+  }
+};
+
+// src/tools/callback-server.ts
+import http from "http";
+import crypto from "crypto";
+var log3 = createLogger("ToolCallbackServer");
+var MAX_BODY_SIZE = 1048576;
+var ToolCallbackServer = class {
+  constructor(toolResolver, sendFn, registeredToolNames, secret) {
+    this.toolResolver = toolResolver;
+    this.sendFn = sendFn;
+    if (registeredToolNames) {
+      this.registeredToolNames = registeredToolNames;
+    }
+    this.secret = secret ?? null;
+  }
+  toolResolver;
+  sendFn;
+  server = null;
+  port = null;
+  /** Set of registered tool names for validation. */
+  registeredToolNames = null;
+  /** Shared secret for authenticating callback requests. */
+  secret;
+  /**
+   * Set the registered tool names for validation.
+   * Tool calls with names not in this set will be rejected.
+   */
+  setRegisteredToolNames(names) {
+    this.registeredToolNames = names;
+  }
+  /**
+   * Start the local HTTP server on a random available port.
+   */
+  async start() {
+    if (this.server) {
+      return this.port;
+    }
+    return new Promise((resolve, reject) => {
+      this.server = http.createServer((req, res) => {
+        this.handleRequest(req, res);
+      });
+      this.server.listen(0, "127.0.0.1", () => {
+        const addr = this.server.address();
+        if (addr && typeof addr === "object") {
+          this.port = addr.port;
+          log3.info("Tool callback server started", { port: this.port });
+          resolve(this.port);
+        } else {
+          reject(new Error("Failed to get server address"));
+        }
+      });
+      this.server.on("error", (err) => {
+        log3.error("Tool callback server error", { error: err.message });
+        reject(err);
+      });
+    });
+  }
+  /**
+   * Stop the callback server.
+   */
+  async stop() {
+    if (!this.server) return;
+    return new Promise((resolve) => {
+      this.server.close(() => {
+        log3.info("Tool callback server stopped");
+        this.server = null;
+        this.port = null;
+        resolve();
+      });
+    });
+  }
+  /**
+   * Get the port the server is listening on, or null if not started.
+   */
+  getPort() {
+    return this.port;
+  }
+  /**
+   * Handle incoming HTTP requests from tool wrapper scripts.
+   */
+  handleRequest(req, res) {
+    if (req.method !== "POST" || req.url !== "/tool-call") {
+      res.writeHead(404, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Not found" }));
+      return;
+    }
+    if (this.secret) {
+      const authHeader = req.headers["authorization"];
+      const expected = `Bearer ${this.secret}`;
+      if (!authHeader || authHeader.length !== expected.length || !crypto.timingSafeEqual(Buffer.from(authHeader), Buffer.from(expected))) {
+        res.writeHead(401, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Unauthorized" }));
+        return;
+      }
+    }
+    let body = "";
+    let bodyLength = 0;
+    req.on("data", (chunk) => {
+      bodyLength += chunk.length;
+      if (bodyLength > MAX_BODY_SIZE) {
+        res.writeHead(413, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: "Request body too large" }));
+        req.destroy();
+        return;
+      }
+      body += chunk.toString();
+    });
+    req.on("end", () => {
+      if (bodyLength > MAX_BODY_SIZE) return;
+      this.processToolCall(body, res).catch((err) => {
+        log3.error("Failed to process tool call", {
+          error: err instanceof Error ? err.message : String(err)
+        });
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
+      });
+    });
+  }
+  async processToolCall(body, res) {
+    let parsed;
+    try {
+      parsed = JSON.parse(body);
+    } catch {
+      res.writeHead(400, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Invalid JSON" }));
+      return;
+    }
+    const { tool_name, arguments: args } = parsed;
+    const requestId = parsed.request_id;
+    if (!requestId) {
+      res.writeHead(400, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Missing request_id \u2014 tool call cannot be routed" }));
+      return;
+    }
+    if (this.registeredToolNames && !this.registeredToolNames.has(tool_name)) {
+      res.writeHead(400, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: `Unknown tool: ${tool_name}` }));
+      return;
+    }
+    const toolCallId = `tc_${crypto.randomUUID().replace(/-/g, "").slice(0, 12)}`;
+    log3.debug("Tool call received via HTTP callback", { tool_name, toolCallId, requestId });
+    try {
+      const result = await this.toolResolver.call(
+        this.sendFn,
+        requestId,
+        toolCallId,
+        tool_name,
+        args ?? {}
+      );
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ result: typeof result === "string" ? result : JSON.stringify(result) }));
+    } catch (err) {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: err instanceof Error ? err.message : String(err) }));
+    }
+  }
+};
+
+// src/session/store.ts
+import fs2 from "fs";
+import path2 from "path";
+import os2 from "os";
+var log4 = createLogger("SessionStore");
+var DEFAULT_TTL_MS = 7 * 24 * 60 * 60 * 1e3;
+var SessionStore = class {
+  dir;
+  filePath;
+  ttlMs;
+  data;
+  constructor(ttlMs = DEFAULT_TTL_MS) {
+    this.dir = path2.join(os2.homedir(), ".ai-bridge");
+    this.filePath = path2.join(this.dir, "sessions.json");
+    this.ttlMs = ttlMs;
+    this.data = {};
+    this.load();
+  }
+  // -------------------------------------------------------------------------
+  // Public API
+  // -------------------------------------------------------------------------
+  /**
+   * Look up the CLI session ID for a given conversation.
+   * Returns null if not found or expired.
+   */
+  get(conversationId) {
+    const record = this.data[conversationId];
+    if (!record) return null;
+    if (this.isExpired(record)) {
+      delete this.data[conversationId];
+      this.persist();
+      return null;
+    }
+    record.last_used_at = (/* @__PURE__ */ new Date()).toISOString();
+    return record.cli_session_id;
+  }
+  /**
+   * Store a mapping from conversation_id to cli_session_id.
+   * @param systemPrompt  The system prompt used for the first message in this
+   *   conversation.  Stored so session resets can restore it even when the
+   *   server omits system_prompt from the session_reset message.
+   */
+  set(conversationId, cliSessionId, provider, systemPrompt) {
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const existing = this.data[conversationId];
+    this.data[conversationId] = {
+      cli_session_id: cliSessionId,
+      provider,
+      // Preserve the original created_at when updating an existing record —
+      // every resumed request calls set() again.
+      created_at: existing?.created_at ?? now,
+      last_used_at: now,
+      // Only overwrite system_prompt when a non-null value is supplied;
+      // follow-up requests carry no system_prompt and must not erase it.
+      system_prompt: systemPrompt ?? existing?.system_prompt ?? null
+    };
+    this.persist();
+    log4.debug("Session stored", { conversationId, cliSessionId, provider });
+  }
+  /**
+   * Retrieve the stored system prompt for a conversation.
+   * Returns null if not found or if no system_prompt was stored.
+   */
+  getSystemPrompt(conversationId) {
+    return this.data[conversationId]?.system_prompt ?? null;
+  }
+  /**
+   * Remove a specific conversation mapping.
+   */
+  delete(conversationId) {
+    if (this.data[conversationId]) {
+      delete this.data[conversationId];
+      this.persist();
+      log4.debug("Session deleted", { conversationId });
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Flush the current in-memory state to disk immediately.  Call on bridge
+   * shutdown to persist last_used_at updates made in memory via get(), which
+   * would otherwise be lost and could make active sessions appear expired.
+   */
+  flush() {
+    this.persist();
+    log4.debug("Session store flushed to disk", { count: Object.keys(this.data).length });
+  }
+  /**
+   * Remove all expired sessions. Returns the number of pruned entries.
+   */
+  prune() {
+    const now = Date.now();
+    let pruned = 0;
+    for (const [id, record] of Object.entries(this.data)) {
+      if (this.isExpired(record, now)) {
+        delete this.data[id];
+        pruned++;
+      }
+    }
+    if (pruned > 0) {
+      this.persist();
+      log4.info("Pruned expired sessions", { count: pruned });
+    }
+    return pruned;
+  }
+  /**
+   * Returns the number of active (non-expired) sessions.
+   */
+  size() {
+    const now = Date.now();
+    return Object.values(this.data).filter((record) => !this.isExpired(record, now)).length;
+  }
+  // -------------------------------------------------------------------------
+  // Internals
+  // -------------------------------------------------------------------------
+  isExpired(record, now = Date.now()) {
+    const lastUsed = new Date(record.last_used_at).getTime();
+    return now - lastUsed > this.ttlMs;
+  }
+  load() {
+    try {
+      if (fs2.existsSync(this.filePath)) {
+        const raw = fs2.readFileSync(this.filePath, "utf-8");
+        const parsed = JSON.parse(raw);
+        if (parsed && typeof parsed === "object") {
+          if ("version" in parsed && "sessions" in parsed) {
+            const oldSessions = parsed.sessions;
+            let migrateSkipped = 0;
+            for (const [id, rec] of Object.entries(oldSessions)) {
+              if (!rec.cli_session_id || typeof rec.cli_session_id !== "string") {
+                log4.warn("Skipping migrated session record with missing cli_session_id", { id });
+                migrateSkipped++;
+                continue;
+              }
+              const rawLastUsed = typeof rec.last_used_at === "number" ? rec.last_used_at : new Date(rec.last_used_at ?? "").getTime();
+              if (Number.isNaN(rawLastUsed)) {
+                log4.warn("Skipping migrated session record with invalid last_used_at", { id, last_used_at: rec.last_used_at });
+                migrateSkipped++;
+                continue;
+              }
+              this.data[id] = {
+                cli_session_id: rec.cli_session_id,
+                provider: rec.provider ?? rec.provider_id ?? "unknown",
+                created_at: typeof rec.created_at === "number" ? new Date(rec.created_at).toISOString() : rec.created_at,
+                last_used_at: typeof rec.last_used_at === "number" ? new Date(rec.last_used_at).toISOString() : rec.last_used_at
+              };
+            }
+            if (migrateSkipped > 0) {
+              log4.warn("Skipped invalid session records during migration", { count: migrateSkipped });
+            }
+            log4.debug("Migrated sessions from old format", { count: Object.keys(this.data).length });
+            this.persist();
+          } else {
+            const rawSessions = parsed;
+            let skipped = 0;
+            for (const [id, rec] of Object.entries(rawSessions)) {
+              const r = rec;
+              if (!r.cli_session_id || typeof r.cli_session_id !== "string") {
+                log4.warn("Skipping session record with missing cli_session_id", { id });
+                skipped++;
+                continue;
+              }
+              const lastUsed = new Date(r.last_used_at ?? "").getTime();
+              if (Number.isNaN(lastUsed)) {
+                log4.warn("Skipping session record with invalid last_used_at", { id, last_used_at: r.last_used_at });
+                skipped++;
+                continue;
+              }
+              this.data[id] = r;
+            }
+            if (skipped > 0) {
+              log4.warn("Skipped invalid session records on load", { count: skipped });
+            }
+            log4.debug("Sessions loaded from disk", { count: Object.keys(this.data).length });
+          }
+        }
+      }
+    } catch (err) {
+      log4.error("Failed to load sessions file \u2014 starting with empty session store", {
+        error: err instanceof Error ? err.message : String(err)
+      });
+      try {
+        if (fs2.existsSync(this.filePath)) {
+          const bakPath = this.filePath + ".bak";
+          fs2.copyFileSync(this.filePath, bakPath);
+          log4.error("Corrupted sessions file saved as backup", { backupPath: bakPath });
+        }
+      } catch {
+      }
+    }
+    this.prune();
+  }
+  // persist() uses synchronous file I/O intentionally: it is called at most
+  // once per completed request, and a single SSD write is negligible next to
+  // the multi-second CLI invocations it bookends.
+  persist() {
+    try {
+      if (!fs2.existsSync(this.dir)) {
+        fs2.mkdirSync(this.dir, { recursive: true, mode: 448 });
+      }
+      fs2.writeFileSync(this.filePath, JSON.stringify(this.data, null, 2), { encoding: "utf-8", mode: 384 });
+    } catch (err) {
+      log4.error("Failed to persist sessions file", {
+        error: err instanceof Error ? err.message : String(err)
+      });
+    }
+  }
+};
+
+// src/utils/clamp.ts
+var REQUEST_TIMEOUT_MIN_S = 10;
+var REQUEST_TIMEOUT_MAX_S = 3600;
+var HEARTBEAT_MIN_S = 5;
+var HEARTBEAT_MAX_S = 300;
+function clampRequestTimeout(raw) {
+  return Math.min(Math.max(raw, REQUEST_TIMEOUT_MIN_S), REQUEST_TIMEOUT_MAX_S);
+}
+function clampHeartbeat(raw) {
+  return Math.min(Math.max(raw, HEARTBEAT_MIN_S), HEARTBEAT_MAX_S);
+}
+
+// src/errors.ts
+var FatalBridgeError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "FatalBridgeError";
+  }
+};
+
+// src/bridge.ts
+var log5 = createLogger("Bridge");
+var DEFAULT_HEARTBEAT_SECONDS = 30;
+var DEFAULT_REQUEST_TIMEOUT_SECONDS = 300;
+var MAX_RECONNECT_ATTEMPTS = 100;
+var BASE_RECONNECT_DELAY_MS = 1e3;
+var MAX_RECONNECT_DELAY_MS = 15e3;
+function escapeXml(text) {
+  return text.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
+}
+function buildSessionResetRequest(originalMsg, currentSystemPrompt) {
+  const { request_id, conversation_id, provider, history, options } = originalMsg;
+  const validRoles = /* @__PURE__ */ new Set(["user", "assistant", "system"]);
+  const unexpectedRoles = history.map((h) => h.role).filter((role) => !validRoles.has(role));
+  if (unexpectedRoles.length > 0) {
+    log5.warn("Session reset history contains unexpected role values", {
+      unexpectedRoles: [...new Set(unexpectedRoles)]
+    });
+  }
+  const lastUserIdx = history.findLastIndex((h) => h.role === "user");
+  if (lastUserIdx === -1) {
+    return null;
+  }
+  const lastUserMessage = history[lastUserIdx];
+  const rawPriorHistory = history.slice(0, lastUserIdx);
+  const priorHistory = rawPriorHistory.filter((h) => validRoles.has(h.role));
+  let enhancedSystemPrompt;
+  if (priorHistory.length > 0) {
+    const historyXml = priorHistory.map((h) => `<message role="${escapeXml(h.role)}">${escapeXml(h.content)}</message>`).join("\n");
+    const historyBlock = `<conversation_history>
+${historyXml}
+</conversation_history>`;
+    enhancedSystemPrompt = currentSystemPrompt ? `${currentSystemPrompt}
+
+${historyBlock}` : historyBlock;
+  } else {
+    enhancedSystemPrompt = currentSystemPrompt;
+  }
+  return {
+    type: "ai_request",
+    request_id,
+    conversation_id,
+    provider,
+    message: lastUserMessage.content,
+    system_prompt: enhancedSystemPrompt,
+    options
+  };
+}
+var Bridge = class extends EventEmitter {
+  ws = null;
+  serverUrl;
+  token;
+  providers;
+  adapters;
+  toolManager = new ToolManager();
+  toolResolver = new ToolResolver();
+  sessionStore = new SessionStore();
+  callbackServer;
+  testMode;
+  onTestRequest;
+  sessionId = null;
+  serverConfig = {
+    heartbeat_interval: DEFAULT_HEARTBEAT_SECONDS,
+    request_timeout: DEFAULT_REQUEST_TIMEOUT_SECONDS
+  };
+  /** Timer to detect a missing welcome message after hello is sent. */
+  welcomeTimeoutTimer = null;
+  heartbeatTimer = null;
+  pongTimeoutTimer = null;
+  awaitingPong = false;
+  reconnectAttempts = 0;
+  reconnectTimer = null;
+  isShuttingDown = false;
+  activeRequests = /* @__PURE__ */ new Map();
+  /**
+   * Request IDs aborted because the WebSocket dropped while they were in
+   * flight. No terminal event could be sent over the closed socket, so on the
+   * next welcome these are replayed as session_expired errors to release the
+   * browser's loading state.
+   */
+  abortedRequestIds = [];
+  /** Random secret for authenticating tool callback HTTP requests. */
+  callbackSecret;
+  constructor(options) {
+    super();
+    this.serverUrl = options.serverUrl;
+    this.token = options.token;
+    this.providers = options.providers;
+    this.adapters = options.adapters;
+    this.testMode = options.testMode ?? false;
+    this.onTestRequest = options.onTestRequest;
+    this.callbackSecret = crypto2.randomBytes(32).toString("hex");
+    const sendFn = (reqId, tcId, tName, tArgs) => {
+      this.send({
+        type: "tool_call",
+        request_id: reqId,
+        tool_call_id: tcId,
+        tool_name: tName,
+        arguments: tArgs
+      });
+    };
+    this.callbackServer = new ToolCallbackServer(
+      this.toolResolver,
+      sendFn,
+      new Set(this.toolManager.getAll().map((t) => t.name)),
+      this.callbackSecret
+    );
+  }
+  // -------------------------------------------------------------------------
+  // Connection Lifecycle
+  // -------------------------------------------------------------------------
+  /**
+   * Initiate the WebSocket connection to the server.
+   *
+   * The token is sent as an Authorization: Bearer header so it does NOT appear
+   * in server/proxy access logs.  It is also kept in the URL query parameter as
+   * a backward-compatible fallback for servers that have not yet adopted the
+   * header-based flow.
+   *
+   * NOTE: When passing --token on the command line the value is still visible
+   * in process listings (ps aux).  Prefer the AI_BRIDGE_TOKEN environment
+   * variable to avoid this.
+   */
+  connect() {
+    if (this.ws) {
+      log5.warn("connect() called while already connected \u2014 ignoring");
+      return;
+    }
+    const url = new URL(this.serverUrl);
+    url.searchParams.set("token", this.token);
+    const wsUrl = url.toString();
+    log5.info("Connecting to server", { url: this.serverUrl });
+    this.ws = new WebSocket(wsUrl, {
+      headers: {
+        "User-Agent": `ai-bridge/${BRIDGE_VERSION}`,
+        // Send token via Authorization header (not visible in proxy logs)
+        "Authorization": `Bearer ${this.token}`
+      },
+      // Limit incoming message size to 10MB to prevent memory exhaustion
+      maxPayload: 10 * 1024 * 1024
+    });
+    this.ws.on("open", this.onOpen.bind(this));
+    this.ws.on("message", this.onMessage.bind(this));
+    this.ws.on("close", this.onClose.bind(this));
+    this.ws.on("error", this.onError.bind(this));
+  }
+  /**
+   * Gracefully disconnect from the server.
+   */
+  async disconnect() {
+    this.isShuttingDown = true;
+    this.stopHeartbeat();
+    this.clearReconnectTimer();
+    this.toolResolver.cancelAll();
+    this.toolManager.cleanupScripts();
+    await this.callbackServer.stop();
+    this.sessionStore.flush();
+    for (const [id, controller] of this.activeRequests) {
+      controller.abort();
+      log5.debug("Cancelled active request", { requestId: id });
+    }
+    this.activeRequests.clear();
+    if (this.ws) {
+      if (this.ws.readyState === WebSocket.OPEN) {
+        this.ws.close(1e3, "Bridge shutting down");
+      }
+      this.ws = null;
+    }
+    log5.info("Bridge disconnected");
+  }
+  /**
+   * Returns true if the WebSocket is currently open.
+   */
+  isConnected() {
+    return this.ws?.readyState === WebSocket.OPEN;
+  }
+  // -------------------------------------------------------------------------
+  // WebSocket Event Handlers
+  // -------------------------------------------------------------------------
+  onOpen() {
+    log5.info("WebSocket connected");
+    this.reconnectAttempts = 0;
+    this.emit("connected");
+    this.sendHello();
+  }
+  onMessage(data) {
+    let message;
+    try {
+      message = JSON.parse(data.toString());
+    } catch (err) {
+      log5.error("Failed to parse server message", {
+        error: err instanceof Error ? err.message : String(err)
+      });
+      return;
+    }
+    log5.debug("Received message", { type: message.type });
+    switch (message.type) {
+      case "welcome":
+        this.handleWelcome(message);
+        break;
+      case "ai_request":
+        this.handleAiRequest(message);
+        break;
+      case "session_reset":
+        this.handleSessionReset(message);
+        break;
+      case "tool_resolve":
+        this.toolResolver.resolve(message.tool_call_id, message.result);
+        break;
+      case "tool_error":
+        this.toolResolver.reject(message.tool_call_id, message.error);
+        break;
+      case "pong":
+        log5.debug("Pong received", { timestamp: message.timestamp });
+        this.awaitingPong = false;
+        if (this.pongTimeoutTimer) {
+          clearTimeout(this.pongTimeoutTimer);
+          this.pongTimeoutTimer = null;
+        }
+        break;
+      case "error":
+        this.handleServerError(message);
+        break;
+      default:
+        log5.warn("Unknown message type received", { type: message.type });
+    }
+  }
+  onClose(code, reason) {
+    const reasonStr = reason.toString();
+    log5.info("WebSocket closed", { code, reason: reasonStr });
+    this.stopHeartbeat();
+    if (this.welcomeTimeoutTimer) {
+      clearTimeout(this.welcomeTimeoutTimer);
+      this.welcomeTimeoutTimer = null;
+    }
+    this.ws = null;
+    this.sessionId = null;
+    this.toolResolver.cancelAll();
+    if (!this.isShuttingDown) {
+      for (const [id, controller] of this.activeRequests) {
+        controller.abort();
+        this.abortedRequestIds.push(id);
+        log5.debug("Aborted active request on disconnect", { requestId: id });
+      }
+      this.activeRequests.clear();
+    }
+    this.emit("disconnected", code, reasonStr);
+    if (!this.isShuttingDown) {
+      if (code === 4001) {
+        this.toolManager.cleanupScripts();
+        this.callbackServer.stop().catch(() => {
+        });
+        this.isShuttingDown = true;
+        this.emit(
+          "error",
+          new FatalBridgeError(
+            "Connection rejected: invalid or expired token. Generate a new token from your application's dashboard and restart the bridge."
+          )
+        );
+        return;
+      }
+      this.scheduleReconnect();
+    }
+  }
+  onError(err) {
+    log5.error("WebSocket error", { error: err.message });
+    this.emit("error", err);
+  }
+  // -------------------------------------------------------------------------
+  // Protocol Handlers
+  // -------------------------------------------------------------------------
+  /**
+   * Send hello message per PROTOCOL.md:
+   * { type: "hello", version, bridge_version, providers[] }
+   * NO token field — token is in the URL query param.
+   * NO id field on providers — just name.
+   */
+  sendHello() {
+    const hello = {
+      type: "hello",
+      version: PROTOCOL_VERSION,
+      bridge_version: BRIDGE_VERSION,
+      providers: this.providers
+    };
+    this.send(hello);
+    log5.info("Hello sent", {
+      protocol: PROTOCOL_VERSION,
+      providers: this.providers.filter((p) => p.available).map((p) => p.name)
+    });
+    this.welcomeTimeoutTimer = setTimeout(() => {
+      this.welcomeTimeoutTimer = null;
+      if (!this.sessionId && !this.isShuttingDown) {
+        log5.error("Welcome message not received within 15 seconds after hello \u2014 reconnecting");
+        this.ws?.close(4e3, "Welcome timeout");
+      }
+    }, 15e3);
+  }
+  async handleWelcome(message) {
+    if (this.welcomeTimeoutTimer) {
+      clearTimeout(this.welcomeTimeoutTimer);
+      this.welcomeTimeoutTimer = null;
+    }
+    this.sessionId = message.session_id;
+    this.serverConfig = message.config;
+    if (message.protocol_version) {
+      const serverMajor = message.protocol_version.split(".")[0];
+      const bridgeMajor = PROTOCOL_VERSION.split(".")[0];
+      if (serverMajor !== bridgeMajor) {
+        log5.warn("Protocol version mismatch \u2014 major versions differ", {
+          server: message.protocol_version,
+          bridge: PROTOCOL_VERSION
+        });
+      }
+    }
+    if (message.config.request_timeout) {
+      const raw = message.config.request_timeout;
+      const clamped = clampRequestTimeout(raw);
+      if (clamped !== raw) {
+        log5.warn("Server request_timeout is outside safe range \u2014 clamping", {
+          received: raw,
+          clamped
+        });
+      }
+      this.toolResolver.setTimeoutMs(clamped * 1e3);
+      this.serverConfig.request_timeout = clamped;
+    }
+    this.toolManager.register(message.tools);
+    this.callbackServer.setRegisteredToolNames(this.toolManager.getRegisteredNames());
+    const rejectedTools = this.toolManager.getRejectedToolNames();
+    if (rejectedTools.length > 0) {
+      this.send({
+        type: "error",
+        request_id: "setup",
+        code: "tool_rejected",
+        message: `The following tools were rejected by the bridge due to unsafe or reserved names and will be unavailable: ${rejectedTools.join(", ")}`,
+        fatal: false
+      });
+    }
+    if (message.tools.length > 0) {
+      try {
+        await this.callbackServer.start();
+        const port = this.callbackServer.getPort();
+        if (port) {
+          this.toolManager.generateScripts(port, this.callbackSecret, this.serverConfig.request_timeout * 1e3);
+          log5.info("Tool scripts generated", {
+            count: message.tools.length,
+            callbackPort: port,
+            scriptDir: this.toolManager.getScriptDir()
+          });
+        }
+      } catch (err) {
+        log5.error("Failed to set up tool callback server", {
+          error: err instanceof Error ? err.message : String(err)
+        });
+        this.send({
+          type: "error",
+          request_id: "setup",
+          code: "tool_setup_failed",
+          message: `Tool callback server failed to start \u2014 tool calls will not work for this session: ${err instanceof Error ? err.message : String(err)}`,
+          fatal: false
+        });
+      }
+    }
+    const rawHeartbeat = message.config.heartbeat_interval;
+    const clampedHeartbeat = clampHeartbeat(rawHeartbeat);
+    if (clampedHeartbeat !== rawHeartbeat) {
+      log5.warn("Server heartbeat_interval is outside safe range \u2014 clamping", {
+        received: rawHeartbeat,
+        clamped: clampedHeartbeat
+      });
+    }
+    const intervalMs = clampedHeartbeat * 1e3;
+    this.startHeartbeat(intervalMs);
+    log5.info("Welcome received", {
+      sessionId: this.sessionId,
+      toolCount: message.tools.length,
+      heartbeatSeconds: message.config.heartbeat_interval
+    });
+    this.emit("welcome", this.sessionId);
+    if (this.abortedRequestIds.length > 0) {
+      const replayed = this.abortedRequestIds;
+      this.abortedRequestIds = [];
+      for (const requestId of replayed) {
+        log5.info("Replaying aborted request as session_expired error", { requestId });
+        this.send({
+          type: "error",
+          request_id: requestId,
+          code: "session_expired",
+          message: "Request aborted: the bridge connection dropped while the response was streaming.",
+          fatal: false
+        });
+      }
+    }
+  }
+  /**
+   * Handle an incoming ai_request: send ack, then execute.
+   */
+  handleAiRequest(message) {
+    const { request_id, provider, conversation_id } = message;
+    const existingCliSessionId = conversation_id ? this.sessionStore.get(conversation_id) : null;
+    if (conversation_id && !existingCliSessionId && !message.system_prompt) {
+      log5.warn("Session not found for conversation \u2014 notifying server", {
+        conversationId: conversation_id
+      });
+      this.send({
+        type: "error",
+        request_id,
+        code: "session_expired",
+        message: `No local session found for conversation ${conversation_id}`,
+        fatal: false
+      });
+      return;
+    }
+    this.send({
+      type: "ai_request_ack",
+      request_id,
+      cli_session_id: existingCliSessionId ?? null
+    });
+    this.executeAiRequestInternal(message, existingCliSessionId);
+  }
+  /**
+   * Internal request execution logic shared by handleAiRequest and handleSessionReset.
+   * Does NOT send ai_request_ack — the caller is responsible for that.
+   */
+  executeAiRequestInternal(message, existingCliSessionId) {
+    const { request_id, provider } = message;
+    const cliSessionId = existingCliSessionId ?? null;
+    if (this.testMode && this.onTestRequest) {
+      this.emit("request_start", request_id, provider);
+      const sendEvent = (event, data) => {
+        this.sendStreamEvent(request_id, event, data);
+      };
+      this.onTestRequest(message, sendEvent).catch((err) => {
+        log5.error("Test mode handler failed", {
+          error: err instanceof Error ? err.message : String(err)
+        });
+        this.sendStreamEvent(request_id, "error", {
+          code: "test_error",
+          message: err instanceof Error ? err.message : String(err)
+        });
+        this.sendStreamEvent(request_id, "done", {});
+      }).finally(() => {
+        this.emit("request_end", request_id);
+      });
+      return;
+    }
+    const adapter = this.adapters.get(provider);
+    if (!adapter) {
+      log5.error("No adapter for requested provider", { provider });
+      const installHints = {
+        codex: " Install the Codex CLI (https://github.com/openai/codex) on the machine running the bridge and restart it.",
+        claude: " Install the Claude CLI (https://claude.ai/download) on the machine running the bridge and restart it.",
+        gemini: " Install the Gemini CLI (https://github.com/google-gemini/gemini-cli) on the machine running the bridge and restart it."
+      };
+      const hint = installHints[provider] ?? "";
+      this.send({
+        type: "error",
+        request_id,
+        code: "provider_unavailable",
+        message: `Provider "${provider}" is not available on this bridge.${hint}`,
+        fatal: true
+      });
+      return;
+    }
+    this.emit("request_start", request_id, provider);
+    const controller = new AbortController();
+    this.activeRequests.set(request_id, controller);
+    this.executeRequest(adapter, message, cliSessionId, controller.signal).catch((err) => {
+      log5.error("Request execution failed", {
+        requestId: request_id,
+        error: err instanceof Error ? err.message : String(err)
+      });
+      this.sendStreamEvent(request_id, "error", {
+        code: "provider_error",
+        message: err instanceof Error ? err.message : String(err)
+      });
+      this.sendStreamEvent(request_id, "done", {});
+    }).finally(() => {
+      this.activeRequests.delete(request_id);
+      this.emit("request_end", request_id);
+    });
+  }
+  async executeRequest(adapter, request, cliSessionId, signal) {
+    const { request_id, conversation_id } = request;
+    const context = {
+      request,
+      requestId: request_id,
+      tools: this.toolManager.getAll(),
+      toolScriptDir: this.toolManager.getScriptDir(),
+      onToolCall: async (toolCallId, toolName, args) => {
+        return this.toolResolver.call(
+          (reqId, tcId, tName, tArgs) => {
+            this.send({
+              type: "tool_call",
+              request_id: reqId,
+              tool_call_id: tcId,
+              tool_name: tName,
+              arguments: tArgs
+            });
+          },
+          request_id,
+          toolCallId,
+          toolName,
+          args
+        );
+      },
+      signal,
+      cliSessionId
+    };
+    let newCliSessionId = null;
+    try {
+      newCliSessionId = await adapter.execute(context, (event) => {
+        this.sendStreamEvent(request_id, event.event, event.data);
+      });
+    } finally {
+      if (newCliSessionId && conversation_id) {
+        this.sessionStore.set(
+          conversation_id,
+          newCliSessionId,
+          adapter.providerName,
+          request.system_prompt
+        );
+      }
+    }
+  }
+  /**
+   * Handle a session_reset message by constructing a synthetic ai_request
+   * from the conversation history and executing it without sending an ack.
+   */
+  handleSessionReset(message) {
+    const { request_id, conversation_id } = message;
+    const storedSystemPrompt = this.sessionStore.getSystemPrompt(conversation_id);
+    const deleted = this.sessionStore.delete(conversation_id);
+    log5.info("Session reset", { conversationId: conversation_id, found: deleted, historyLength: message.history.length });
+    const effectiveSystemPrompt = message.system_prompt ?? storedSystemPrompt;
+    if (!message.system_prompt && storedSystemPrompt) {
+      log5.warn("session_reset has no system_prompt \u2014 using stored system prompt for this conversation", {
+        conversationId: conversation_id
+      });
+    }
+    const syntheticRequest = buildSessionResetRequest(message, effectiveSystemPrompt);
+    if (!syntheticRequest) {
+      log5.error("Session reset has no user message in history", { conversationId: conversation_id });
+      this.send({
+        type: "error",
+        request_id,
+        code: "session_reset_failed",
+        message: "No user message found in conversation history",
+        fatal: true
+      });
+      return;
+    }
+    log5.info("Re-processing session_reset as new ai_request", { requestId: request_id, provider: message.provider });
+    this.executeAiRequestInternal(syntheticRequest);
+  }
+  handleServerError(message) {
+    log5.error("Server error", { code: message.code, message: message.message, fatal: message.fatal });
+    if (message.fatal) {
+      log5.error("Fatal server error \u2014 disconnecting");
+      this.isShuttingDown = true;
+      this.toolManager.cleanupScripts();
+      this.callbackServer.stop().catch(() => {
+      });
+      this.ws?.close(1e3, "Fatal server error");
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Heartbeat
+  // -------------------------------------------------------------------------
+  startHeartbeat(intervalMs) {
+    this.stopHeartbeat();
+    this.heartbeatTimer = setInterval(() => {
+      if (this.isConnected()) {
+        this.send({ type: "ping", timestamp: Date.now() });
+        log5.debug("Ping sent");
+        this.awaitingPong = true;
+        if (this.pongTimeoutTimer) {
+          clearTimeout(this.pongTimeoutTimer);
+        }
+        this.pongTimeoutTimer = setTimeout(() => {
+          if (this.awaitingPong && this.isConnected()) {
+            log5.warn("Pong not received within 10s \u2014 connection presumed dead");
+            this.ws?.close(4e3, "Pong timeout");
+          }
+        }, 1e4);
+      }
+    }, intervalMs);
+    log5.debug("Heartbeat started", { intervalMs });
+  }
+  stopHeartbeat() {
+    if (this.heartbeatTimer) {
+      clearInterval(this.heartbeatTimer);
+      this.heartbeatTimer = null;
+    }
+    if (this.pongTimeoutTimer) {
+      clearTimeout(this.pongTimeoutTimer);
+      this.pongTimeoutTimer = null;
+    }
+    this.awaitingPong = false;
+  }
+  // -------------------------------------------------------------------------
+  // Reconnection with Exponential Backoff
+  // -------------------------------------------------------------------------
+  scheduleReconnect() {
+    if (this.reconnectAttempts >= MAX_RECONNECT_ATTEMPTS) {
+      log5.error("Maximum reconnection attempts reached \u2014 giving up", {
+        attempts: this.reconnectAttempts,
+        max: MAX_RECONNECT_ATTEMPTS
+      });
+      this.emit(
+        "error",
+        new FatalBridgeError(
+          "Maximum reconnection attempts reached. Check that the server URL is correct and the server is reachable, then restart the bridge."
+        )
+      );
+      return;
+    }
+    const delay2 = Math.min(
+      BASE_RECONNECT_DELAY_MS * Math.pow(2, this.reconnectAttempts),
+      MAX_RECONNECT_DELAY_MS
+    );
+    this.reconnectAttempts++;
+    log5.info(`Reconnecting in ${delay2 / 1e3}s (attempt ${this.reconnectAttempts}/${MAX_RECONNECT_ATTEMPTS})`);
+    this.reconnectTimer = setTimeout(() => {
+      this.reconnectTimer = null;
+      this.connect();
+    }, delay2);
+  }
+  clearReconnectTimer() {
+    if (this.reconnectTimer) {
+      clearTimeout(this.reconnectTimer);
+      this.reconnectTimer = null;
+    }
+  }
+  // -------------------------------------------------------------------------
+  // Message Sending
+  // -------------------------------------------------------------------------
+  send(message) {
+    if (!this.ws || this.ws.readyState !== WebSocket.OPEN) {
+      log5.warn("Cannot send message \u2014 WebSocket not open", { type: message.type });
+      return;
+    }
+    const payload = JSON.stringify(message);
+    this.ws.send(payload);
+    log5.debug("Message sent", { type: message.type, bytes: payload.length });
+  }
+  /**
+   * Send a stream event using the correct envelope format per PROTOCOL.md:
+   * { type: "stream", request_id, event: "<event_type>", data: {...} }
+   */
+  sendStreamEvent(requestId, event, data) {
+    this.send({
+      type: "stream",
+      request_id: requestId,
+      event,
+      data
+    });
+  }
+};
+
+// src/providers/detector.ts
+import { execFile } from "child_process";
+import { promisify } from "util";
+var log6 = createLogger("Detector");
+var execFileAsync = promisify(execFile);
+var CLI_PROBES = [
+  {
+    name: "codex",
+    binary: "codex",
+    versionArgs: ["--version"],
+    parseVersion: (output) => extractVersion(output),
+    supports_streaming: true,
+    // Codex supports server-defined bridge tools via wrapper scripts on PATH.
+    // See codex.ts for the full mechanism.
+    supports_tools: true,
+    supports_thinking: true,
+    supports_session_resume: true
+  },
+  {
+    name: "claude",
+    binary: "claude",
+    versionArgs: ["--version"],
+    parseVersion: (output) => extractVersion(output),
+    supports_streaming: true,
+    supports_tools: true,
+    supports_thinking: true,
+    supports_session_resume: true
+  },
+  {
+    name: "gemini",
+    binary: "gemini",
+    versionArgs: ["--version"],
+    parseVersion: (output) => extractVersion(output),
+    supports_streaming: true,
+    supports_tools: true,
+    supports_thinking: false,
+    supports_session_resume: true
+  }
+];
+function extractVersion(output) {
+  const match = output.match(/v?(\d+\.\d+\.\d+[\w.-]*)/);
+  return match ? match[1] : null;
+}
+async function probeOne(probe) {
+  const capability = {
+    name: probe.name,
+    version: null,
+    available: false,
+    supports_streaming: probe.supports_streaming,
+    supports_tools: probe.supports_tools,
+    supports_thinking: probe.supports_thinking,
+    supports_session_resume: probe.supports_session_resume
+  };
+  try {
+    const probeEnv = { ...process.env };
+    delete probeEnv["AI_BRIDGE_TOKEN"];
+    delete probeEnv["AI_BRIDGE_SERVER"];
+    const { stdout, stderr } = await execFileAsync(probe.binary, probe.versionArgs, {
+      timeout: 5e3,
+      env: probeEnv
+    });
+    const output = (stdout || "") + (stderr || "");
+    capability.available = true;
+    capability.version = probe.parseVersion(output.trim());
+    log6.info(`Detected ${probe.name}`, { version: capability.version });
+  } catch (err) {
+    log6.debug(`${probe.name} not found or not executable`, {
+      error: err instanceof Error ? err.message : String(err)
+    });
+  }
+  return capability;
+}
+async function detectProviders() {
+  log6.info("Detecting locally installed AI CLI tools...");
+  const results = await Promise.all(CLI_PROBES.map(probeOne));
+  const available = results.filter((r) => r.available);
+  log6.info(`Detection complete: ${available.length}/${results.length} providers available`);
+  return results;
+}
+
+// src/providers/codex.ts
+import { spawn } from "child_process";
+import { readFile } from "fs/promises";
+import { createInterface } from "readline";
+import { homedir } from "os";
+import { join } from "path";
+
+// src/providers/env.ts
+var MAX_STDERR_BYTES = 10 * 1024;
+function buildSpawnEnv(toolScriptDir, requestId) {
+  const env = { ...process.env };
+  if (toolScriptDir) {
+    env["PATH"] = `${toolScriptDir}:${env["PATH"] ?? ""}`;
+  }
+  if (requestId) {
+    env["AI_BRIDGE_REQUEST_ID"] = requestId;
+  }
+  delete env["AI_BRIDGE_TOKEN"];
+  delete env["AI_BRIDGE_SERVER"];
+  return env;
+}
+function buildCombinedPrompt(systemPrompt, userMessage) {
+  return `${systemPrompt}
+
+User request:
+${userMessage}`;
+}
+function appendStderr(buffer, chunk) {
+  if (buffer.length >= MAX_STDERR_BYTES) {
+    return buffer;
+  }
+  buffer += chunk;
+  if (buffer.length > MAX_STDERR_BYTES) {
+    buffer = buffer.slice(0, MAX_STDERR_BYTES);
+  }
+  return buffer;
+}
+function formatStderrMessage(provider, stderr, exitCode) {
+  const clean = stderr.replace(/\x1b\[[0-9;]*[mGKHFJSTsuABCDhl]/g, "").trim();
+  if (!clean) {
+    return `${provider} CLI exited with code ${exitCode ?? "unknown"}`;
+  }
+  const lower = clean.toLowerCase();
+  if (lower.includes("401") || lower.includes("403") || lower.includes("unauthorized") || lower.includes("unauthenticated") || lower.includes("auth") || lower.includes("login") || lower.includes("authenticate") || lower.includes("not logged in") || lower.includes("sign in") || lower.includes("credentials")) {
+    const authCmd = provider === "codex" ? `${provider} login` : `${provider} auth login`;
+    return `Authentication required \u2014 run \`${authCmd}\` to re-authenticate.`;
+  }
+  if (lower.includes("rate limit") || lower.includes("ratelimit") || lower.includes("too many requests") || lower.includes("429")) {
+    return `Rate limit reached \u2014 please wait a moment and try again.`;
+  }
+  const firstLine = clean.split("\n").find((l) => l.trim()) ?? clean;
+  return firstLine.substring(0, 500);
+}
+
+// src/providers/base.ts
+function createFinalizer(opts) {
+  let rlClosed = false;
+  let childExitCode = null;
+  let childExited = false;
+  const tryFinalize = () => {
+    if (!rlClosed || !childExited) return;
+    opts.signal.removeEventListener("abort", opts.onAbort);
+    if (opts.getSettled()) {
+      opts.resolve(opts.getSessionId());
+      return;
+    }
+    opts.setSettled();
+    opts.onBeforeFinalize?.();
+    if (childExitCode !== 0 && childExitCode !== null) {
+      opts.onEvent({
+        event: "error",
+        data: {
+          code: "provider_error",
+          message: formatStderrMessage(opts.providerName, opts.getStderr(), childExitCode)
+        }
+      });
+      opts.onEvent({ event: "done", data: {} });
+    } else {
+      opts.onEvent({
+        event: "error",
+        data: {
+          code: "provider_empty_response",
+          message: "The AI returned no response. Please try again."
+        }
+      });
+      opts.onEvent({ event: "done", data: {} });
+    }
+    opts.resolve(opts.getSessionId());
+  };
+  return {
+    onRlClose: () => {
+      rlClosed = true;
+      tryFinalize();
+    },
+    onChildClose: (code) => {
+      childExitCode = code;
+      childExited = true;
+      tryFinalize();
+    }
+  };
+}
+var ProviderAdapter = class {
+};
+
+// src/providers/codex.ts
+var log7 = createLogger("CodexAdapter");
+var DEFAULT_MODEL = "gpt-5.3-codex";
+function buildToolPromptNote(tools) {
+  if (tools.length === 0) return "";
+  const lines = tools.map((t) => `- \`${t.name}\`: ${t.description}`);
+  return "\n\n---\nThe following bridge tools are available to you as shell commands. Run a tool by executing its command name in the shell (passing any arguments it documents); the command performs the action and prints the result. Use them when they help answer the request:\n" + lines.join("\n");
+}
+var CodexAdapter = class extends ProviderAdapter {
+  providerName = "codex";
+  async execute(context, onEvent) {
+    const { request, signal, cliSessionId } = context;
+    const requestId = request.request_id;
+    const userMessage = request.message;
+    log7.info("Executing Codex request", { requestId });
+    let args;
+    const model = request.options?.model ?? DEFAULT_MODEL;
+    if (cliSessionId) {
+      args = [
+        "exec",
+        "resume",
+        cliSessionId,
+        "--json"
+      ];
+      if (request.options?.model) {
+        args.push("-m", request.options.model);
+      }
+      log7.debug("Resuming session", { cliSessionId });
+    } else {
+      args = [
+        "exec",
+        "--json",
+        "--skip-git-repo-check",
+        "--ephemeral",
+        "-m",
+        model
+      ];
+    }
+    const hasTools = context.tools.length > 0;
+    if (hasTools) {
+      args.push(
+        "-s",
+        "workspace-write",
+        "-c",
+        "sandbox_workspace_write.network_access=true",
+        "-c",
+        "approval_policy=never"
+      );
+    }
+    const toolNote = hasTools ? buildToolPromptNote(context.tools) : "";
+    if (!cliSessionId && request.system_prompt) {
+      args.push("--", buildCombinedPrompt(request.system_prompt, userMessage) + toolNote);
+    } else if (toolNote) {
+      args.push("--", userMessage + toolNote);
+    } else {
+      args.push(userMessage);
+    }
+    if (request.options?.max_tokens) {
+      log7.warn("max_tokens option specified but Codex CLI does not support it directly \u2014 ignoring", {
+        max_tokens: request.options.max_tokens
+      });
+    }
+    if (isDebugEnabled()) {
+      log7.debug("Spawning codex", { args: args.map((a) => a.length > 50 ? a.substring(0, 50) + "..." : a) });
+    }
+    return new Promise((resolve) => {
+      let sessionId = null;
+      let blockIndex = 0;
+      let settled = false;
+      if (hasTools) {
+        log7.info("Server-defined tools enabled for Codex request", {
+          toolCount: context.tools.length
+        });
+      }
+      const env = buildSpawnEnv(hasTools ? context.toolScriptDir : null, context.requestId);
+      const child = spawn("codex", args, {
+        env,
+        stdio: ["ignore", "pipe", "pipe"]
+      });
+      const onAbort = () => {
+        log7.info("Request aborted \u2014 killing codex process", { requestId });
+        child.kill("SIGTERM");
+      };
+      signal.addEventListener("abort", onAbort, { once: true });
+      let stderrBuffer = "";
+      const finalizer = createFinalizer({
+        providerName: "codex",
+        terminalEvent: "turn.completed",
+        getSettled: () => settled,
+        setSettled: () => {
+          settled = true;
+        },
+        getSessionId: () => sessionId,
+        getStderr: () => stderrBuffer,
+        onEvent,
+        resolve,
+        signal,
+        onAbort
+      });
+      const rl = createInterface({ input: child.stdout });
+      rl.on("line", (line) => {
+        if (!line.trim()) return;
+        let parsed;
+        try {
+          parsed = JSON.parse(line);
+        } catch {
+          log7.debug("Skipping non-JSON line", { line: line.substring(0, 100) });
+          return;
+        }
+        const type = parsed["type"];
+        if (type === "thread.started") {
+          sessionId = parsed["thread_id"] ?? null;
+          log7.debug("Thread started", { sessionId });
+          return;
+        }
+        if (type === "turn.started") {
+          log7.debug("Turn started");
+          return;
+        }
+        if (type === "item.completed") {
+          const item = parsed["item"];
+          if (!item) return;
+          const itemType = item["type"];
+          if (itemType === "agent_message") {
+            const text = item["text"];
+            if (!text) return;
+            onEvent({
+              event: "block_start",
+              data: { block_index: blockIndex, block_type: "text" }
+            });
+            onEvent({
+              event: "block_delta",
+              data: { block_index: blockIndex, content: text }
+            });
+            onEvent({
+              event: "block_stop",
+              data: { block_index: blockIndex }
+            });
+            blockIndex++;
+          } else if (itemType === "reasoning") {
+            const text = item["text"] ?? "";
+            if (!text) return;
+            onEvent({
+              event: "block_start",
+              data: { block_index: blockIndex, block_type: "thinking" }
+            });
+            onEvent({
+              event: "block_delta",
+              data: { block_index: blockIndex, content: text }
+            });
+            onEvent({
+              event: "block_stop",
+              data: { block_index: blockIndex }
+            });
+            blockIndex++;
+          } else if (itemType === "error") {
+            const message = item["message"] ?? "Unknown Codex error";
+            log7.warn("Codex error item", { message: message.substring(0, 200) });
+            onEvent({
+              event: "error",
+              data: { code: "provider_error", message }
+            });
+            onEvent({ event: "done", data: {} });
+            settled = true;
+          }
+          return;
+        }
+        if (type === "turn.completed") {
+          if (settled) return;
+          const usage = parsed["usage"];
+          const inputTokens = usage ? usage["input_tokens"] ?? null : null;
+          const outputTokens = usage ? usage["output_tokens"] ?? null : null;
+          onEvent({
+            event: "done",
+            data: {
+              usage: {
+                input_tokens: inputTokens,
+                output_tokens: outputTokens
+              }
+            }
+          });
+          settled = true;
+          return;
+        }
+        if (type === "turn.failed") {
+          const error = parsed["error"];
+          const message = error?.["message"] ?? "Codex turn failed";
+          log7.warn("Codex turn failed", { message: message.substring(0, 200) });
+          onEvent({
+            event: "error",
+            data: { code: "provider_error", message }
+          });
+          onEvent({ event: "done", data: {} });
+          settled = true;
+          return;
+        }
+        if (type === "error") {
+          const message = parsed["message"] ?? "Unknown Codex error";
+          log7.warn("Codex error event", { message: message.substring(0, 200) });
+          onEvent({
+            event: "error",
+            data: { code: "provider_error", message }
+          });
+          onEvent({ event: "done", data: {} });
+          settled = true;
+          return;
+        }
+        log7.debug("Unhandled Codex event type", { type });
+      });
+      rl.on("close", finalizer.onRlClose);
+      child.stderr.on("data", (chunk) => {
+        stderrBuffer = appendStderr(stderrBuffer, chunk.toString());
+      });
+      child.on("error", (err) => {
+        log7.error("Failed to spawn codex", { error: err.message });
+        const errorMessage = err.code === "ENOENT" ? "codex CLI not found. Install it or ensure it is on your PATH." : `Failed to spawn codex: ${err.message}`;
+        signal.removeEventListener("abort", onAbort);
+        if (!settled) {
+          settled = true;
+          onEvent({
+            event: "error",
+            data: {
+              code: "provider_spawn_error",
+              message: errorMessage
+            }
+          });
+          onEvent({ event: "done", data: {} });
+          resolve(null);
+        }
+      });
+      child.on("close", (code) => {
+        log7.debug("Codex process closed", { code, sessionId });
+        finalizer.onChildClose(code);
+      });
+    });
+  }
+  async listModels() {
+    try {
+      const cachePath = join(homedir(), ".codex", "models_cache.json");
+      const raw = await readFile(cachePath, "utf-8");
+      const cache = JSON.parse(raw);
+      if (!cache.models || !Array.isArray(cache.models)) {
+        log7.warn("Codex models cache is empty or invalid");
+        return [];
+      }
+      return cache.models.filter((m) => m.visibility !== "hide").map((m) => ({
+        id: m.slug,
+        name: m.display_name,
+        description: m.description,
+        is_default: m.slug === DEFAULT_MODEL
+      }));
+    } catch (err) {
+      log7.warn("Failed to read Codex models cache. Run codex once to populate models cache. Showing default model only.", {
+        error: err instanceof Error ? err.message : String(err)
+      });
+      return [
+        { id: DEFAULT_MODEL, name: DEFAULT_MODEL, is_default: true }
+      ];
+    }
+  }
+};
+
+// src/providers/claude.ts
+import { spawn as spawn2 } from "child_process";
+import { createInterface as createInterface2 } from "readline";
+var CLAUDE_MODELS = [
+  { id: "sonnet", name: "Sonnet", description: "Best balance of speed and intelligence", is_default: true },
+  { id: "opus", name: "Opus", description: "Highest intelligence, slower", is_default: false },
+  { id: "haiku", name: "Haiku", description: "Fastest and most cost-efficient", is_default: false }
+];
+var log8 = createLogger("ClaudeAdapter");
+var ClaudeAdapter = class extends ProviderAdapter {
+  providerName = "claude";
+  async execute(context, onEvent) {
+    const { request, signal, cliSessionId } = context;
+    const requestId = request.request_id;
+    const userMessage = request.message;
+    log8.info("Executing Claude request", { requestId });
+    const args = [
+      "-p",
+      // Print mode (non-interactive)
+      "--output-format",
+      "stream-json",
+      // NDJSON streaming output
+      "--verbose"
+      // Required for stream-json in print mode
+    ];
+    if (cliSessionId) {
+      args.push("--session-id", cliSessionId);
+      log8.debug("Resuming session", { cliSessionId });
+    }
+    if (request.system_prompt && !cliSessionId) {
+      args.push("--system-prompt", request.system_prompt);
+    }
+    if (request.options?.model) {
+      args.push("--model", request.options.model);
+    }
+    if (request.options?.max_tokens) {
+      args.push("--max-tokens", String(request.options.max_tokens));
+    }
+    if (context.tools.length > 0 && context.toolScriptDir) {
+      args.push("--allowedTools=bash");
+    }
+    args.push(userMessage);
+    if (isDebugEnabled()) {
+      log8.debug("Spawning claude", { args: args.map((a) => a.length > 50 ? a.substring(0, 50) + "..." : a) });
+    }
+    return new Promise((resolve, reject) => {
+      let sessionId = null;
+      let blockIndex = 0;
+      let settled = false;
+      const env = buildSpawnEnv(context.toolScriptDir, context.requestId);
+      delete env["CLAUDECODE"];
+      const child = spawn2("claude", args, {
+        env,
+        stdio: ["ignore", "pipe", "pipe"]
+        // stdin must be 'ignore' — Claude CLI hangs if stdin is a pipe
+      });
+      const onAbort = () => {
+        log8.info("Request aborted \u2014 killing claude process", { requestId });
+        child.kill("SIGTERM");
+      };
+      signal.addEventListener("abort", onAbort, { once: true });
+      let stderrBuffer = "";
+      const finalizer = createFinalizer({
+        providerName: "claude",
+        terminalEvent: "result",
+        getSettled: () => settled,
+        setSettled: () => {
+          settled = true;
+        },
+        getSessionId: () => sessionId,
+        getStderr: () => stderrBuffer,
+        onEvent,
+        resolve,
+        signal,
+        onAbort
+      });
+      const rl = createInterface2({ input: child.stdout });
+      rl.on("line", (line) => {
+        if (!line.trim()) return;
+        let parsed;
+        try {
+          parsed = JSON.parse(line);
+        } catch {
+          log8.debug("Skipping non-JSON line", { line: line.substring(0, 100) });
+          return;
+        }
+        const type = parsed["type"];
+        if (type === "system" && parsed["subtype"] === "init") {
+          sessionId = parsed["session_id"] ?? null;
+          log8.debug("Session init", { sessionId, model: parsed["model"] });
+          return;
+        }
+        if (type === "assistant") {
+          if (settled) {
+            log8.debug("Assistant event received after stream settled \u2014 block events would be emitted post-done", {
+              sessionId
+            });
+          }
+          const message = parsed["message"];
+          if (!message) return;
+          const content = message["content"];
+          if (!content || !Array.isArray(content)) return;
+          for (const block of content) {
+            const blockType = block["type"];
+            if (blockType === "text") {
+              const text = block["text"];
+              if (!text) continue;
+              onEvent({
+                event: "block_start",
+                data: {
+                  block_index: blockIndex,
+                  block_type: "text"
+                }
+              });
+              onEvent({
+                event: "block_delta",
+                data: {
+                  block_index: blockIndex,
+                  content: text
+                }
+              });
+              onEvent({
+                event: "block_stop",
+                data: {
+                  block_index: blockIndex
+                }
+              });
+              blockIndex++;
+            } else if (blockType === "thinking") {
+              const thinking = block["thinking"];
+              if (!thinking) continue;
+              onEvent({
+                event: "block_start",
+                data: {
+                  block_index: blockIndex,
+                  block_type: "thinking"
+                }
+              });
+              onEvent({
+                event: "block_delta",
+                data: {
+                  block_index: blockIndex,
+                  content: thinking
+                }
+              });
+              onEvent({
+                event: "block_stop",
+                data: {
+                  block_index: blockIndex
+                }
+              });
+              blockIndex++;
+            } else if (blockType === "tool_use") {
+              const toolName = block["name"];
+              const toolId = block["id"];
+              const toolInput = block["input"];
+              if (!toolName || !toolId) continue;
+              onEvent({
+                event: "block_start",
+                data: {
+                  block_index: blockIndex,
+                  block_type: "tool_call",
+                  tool_name: toolName,
+                  tool_call_id: toolId
+                }
+              });
+              onEvent({
+                event: "block_delta",
+                data: {
+                  block_index: blockIndex,
+                  content: JSON.stringify(toolInput ?? {})
+                }
+              });
+              onEvent({
+                event: "block_stop",
+                data: {
+                  block_index: blockIndex
+                }
+              });
+              blockIndex++;
+            }
+          }
+          return;
+        }
+        if (type === "result") {
+          sessionId = parsed["session_id"] ?? sessionId;
+          const usage = parsed["usage"];
+          const inputTokens = usage ? usage["input_tokens"] ?? null : null;
+          const outputTokens = usage ? usage["output_tokens"] ?? null : null;
+          onEvent({
+            event: "done",
+            data: {
+              usage: {
+                input_tokens: inputTokens,
+                output_tokens: outputTokens
+              }
+            }
+          });
+          settled = true;
+          return;
+        }
+        if (type === "rate_limit_event") {
+          log8.warn("Claude rate limit event", { type });
+          onEvent({
+            event: "error",
+            data: {
+              code: "rate_limited",
+              message: "Claude is currently rate-limited. The request may retry automatically, or you may need to try again in a moment."
+            }
+          });
+          return;
+        }
+        log8.debug("Unhandled Claude event type", { type });
+      });
+      rl.on("close", finalizer.onRlClose);
+      child.stderr.on("data", (chunk) => {
+        stderrBuffer = appendStderr(stderrBuffer, chunk.toString());
+      });
+      child.on("error", (err) => {
+        log8.error("Failed to spawn claude", { error: err.message });
+        const errorMessage = err.code === "ENOENT" ? "claude CLI not found. Install it or ensure it is on your PATH." : `Failed to spawn claude: ${err.message}`;
+        signal.removeEventListener("abort", onAbort);
+        if (!settled) {
+          settled = true;
+          onEvent({
+            event: "error",
+            data: {
+              code: "provider_spawn_error",
+              message: errorMessage
+            }
+          });
+          onEvent({ event: "done", data: {} });
+          resolve(null);
+        }
+      });
+      child.on("close", (code) => {
+        log8.debug("Claude process closed", { code, sessionId });
+        finalizer.onChildClose(code);
+      });
+    });
+  }
+  async listModels() {
+    return CLAUDE_MODELS;
+  }
+};
+
+// src/providers/gemini.ts
+import { spawn as spawn3 } from "child_process";
+import { createInterface as createInterface3 } from "readline";
+var GEMINI_MODELS = [
+  { id: "auto", name: "Auto", description: "Automatically selects the best model", is_default: true },
+  { id: "pro", name: "Pro", description: "Complex reasoning tasks (Gemini 2.5 Pro)", is_default: false },
+  { id: "flash", name: "Flash", description: "Fast and balanced (Gemini 2.5 Flash)", is_default: false },
+  { id: "flash-lite", name: "Flash Lite", description: "Fastest for simple tasks (Gemini 2.5 Flash Lite)", is_default: false }
+];
+var log9 = createLogger("GeminiAdapter");
+var GeminiAdapter = class extends ProviderAdapter {
+  providerName = "gemini";
+  async execute(context, onEvent) {
+    const { request, signal, cliSessionId } = context;
+    const requestId = request.request_id;
+    const userMessage = request.message;
+    log9.info("Executing Gemini request", { requestId });
+    let prompt = userMessage;
+    if (request.system_prompt && !cliSessionId) {
+      prompt = buildCombinedPrompt(request.system_prompt, userMessage);
+    }
+    const args = [
+      "--prompt",
+      prompt,
+      // Non-interactive mode with prompt
+      "--output-format",
+      "stream-json",
+      // NDJSON streaming output
+      "--skip-trust"
+      // Required for headless/non-interactive mode
+    ];
+    if (cliSessionId) {
+      args.push("--resume", cliSessionId);
+      log9.debug("Resuming session", { cliSessionId });
+    }
+    if (request.options?.model) {
+      args.push("--model", request.options.model);
+    }
+    if (request.options?.max_tokens) {
+      log9.warn("max_tokens option specified but Gemini CLI does not support it directly \u2014 ignoring", {
+        max_tokens: request.options.max_tokens
+      });
+    }
+    if (isDebugEnabled()) {
+      log9.debug("Spawning gemini", { args: args.map((a) => a.length > 50 ? a.substring(0, 50) + "..." : a) });
+    }
+    return new Promise((resolve) => {
+      let sessionId = null;
+      let blockIndex = 0;
+      let settled = false;
+      let inTextBlock = false;
+      const env = buildSpawnEnv(context.toolScriptDir, context.requestId);
+      const child = spawn3("gemini", args, {
+        env,
+        stdio: ["ignore", "pipe", "pipe"]
+        // stdin must be 'ignore' to prevent hanging
+      });
+      const onAbort = () => {
+        log9.info("Request aborted \u2014 killing gemini process", { requestId });
+        child.kill("SIGTERM");
+      };
+      signal.addEventListener("abort", onAbort, { once: true });
+      let stderrBuffer = "";
+      const finalizer = createFinalizer({
+        providerName: "gemini",
+        terminalEvent: "result",
+        getSettled: () => settled,
+        setSettled: () => {
+          settled = true;
+        },
+        getSessionId: () => sessionId,
+        getStderr: () => stderrBuffer,
+        onEvent,
+        resolve,
+        signal,
+        onAbort,
+        // Gemini-specific: close any open text block before finalizing
+        onBeforeFinalize: () => {
+          if (inTextBlock) {
+            onEvent({
+              event: "block_stop",
+              data: { block_index: blockIndex }
+            });
+            blockIndex++;
+            inTextBlock = false;
+          }
+        }
+      });
+      const rl = createInterface3({ input: child.stdout });
+      rl.on("line", (line) => {
+        if (!line.trim()) return;
+        let parsed;
+        try {
+          parsed = JSON.parse(line);
+        } catch {
+          log9.debug("Skipping non-JSON line", { line: line.substring(0, 100) });
+          return;
+        }
+        const type = parsed["type"];
+        if (type === "init") {
+          sessionId = parsed["session_id"] ?? null;
+          log9.debug("Session init", { sessionId, model: parsed["model"] });
+          return;
+        }
+        if (type === "message") {
+          const role = parsed["role"];
+          if (role === "user") return;
+          if (role === "assistant") {
+            const content = parsed["content"];
+            const isDelta = parsed["delta"];
+            if (!content) return;
+            if (isDelta) {
+              if (!inTextBlock) {
+                onEvent({
+                  event: "block_start",
+                  data: {
+                    block_index: blockIndex,
+                    block_type: "text"
+                  }
+                });
+                inTextBlock = true;
+              }
+              onEvent({
+                event: "block_delta",
+                data: {
+                  block_index: blockIndex,
+                  content
+                }
+              });
+            } else {
+              if (inTextBlock) {
+                onEvent({
+                  event: "block_stop",
+                  data: { block_index: blockIndex }
+                });
+                blockIndex++;
+                inTextBlock = false;
+              }
+              onEvent({
+                event: "block_start",
+                data: { block_index: blockIndex, block_type: "text" }
+              });
+              onEvent({
+                event: "block_delta",
+                data: { block_index: blockIndex, content }
+              });
+              onEvent({
+                event: "block_stop",
+                data: { block_index: blockIndex }
+              });
+              blockIndex++;
+            }
+          }
+          return;
+        }
+        if (type === "tool_use") {
+          if (inTextBlock) {
+            onEvent({
+              event: "block_stop",
+              data: { block_index: blockIndex }
+            });
+            blockIndex++;
+            inTextBlock = false;
+          }
+          onEvent({
+            event: "block_start",
+            data: {
+              block_index: blockIndex,
+              block_type: "tool_call",
+              tool_name: parsed["tool_name"],
+              tool_call_id: parsed["tool_id"]
+            }
+          });
+          onEvent({
+            event: "block_delta",
+            data: {
+              block_index: blockIndex,
+              content: JSON.stringify(parsed["parameters"] ?? {})
+            }
+          });
+          onEvent({
+            event: "block_stop",
+            data: { block_index: blockIndex }
+          });
+          blockIndex++;
+          return;
+        }
+        if (type === "tool_result") {
+          const toolId = parsed["tool_id"];
+          const output = parsed["output"] ?? "";
+          const status = parsed["status"];
+          onEvent({
+            event: "tool_result",
+            data: {
+              tool_call_id: toolId,
+              result: status === "error" ? `Error: ${parsed["error"]?.["message"] ?? output}` : output
+            }
+          });
+          return;
+        }
+        if (type === "error") {
+          const severity = parsed["severity"];
+          const message = parsed["message"];
+          log9.warn("Gemini error event", { severity, message: message?.substring(0, 200) });
+          if (severity === "error") {
+            onEvent({
+              event: "error",
+              data: {
+                code: "provider_error",
+                message: message ?? "Unknown Gemini error"
+              }
+            });
+            onEvent({ event: "done", data: {} });
+            settled = true;
+          } else if (severity === "warning") {
+            const lowerMsg = (message ?? "").toLowerCase();
+            const isRateLimit = lowerMsg.includes("rate limit") || lowerMsg.includes("ratelimit") || lowerMsg.includes("quota") || lowerMsg.includes("429") || lowerMsg.includes("too many requests");
+            onEvent({
+              event: "error",
+              data: {
+                code: isRateLimit ? "rate_limited" : "provider_warning",
+                message: message ?? "Gemini warning"
+              }
+            });
+          }
+          return;
+        }
+        if (type === "result") {
+          if (settled) return;
+          if (inTextBlock) {
+            onEvent({
+              event: "block_stop",
+              data: { block_index: blockIndex }
+            });
+            blockIndex++;
+            inTextBlock = false;
+          }
+          const status = parsed["status"];
+          if (status === "error") {
+            const error = parsed["error"];
+            const errorMessage = error?.["message"] ?? "Gemini request failed";
+            log9.warn("Gemini result error", { type: error?.["type"], message: errorMessage.substring(0, 200) });
+            onEvent({
+              event: "error",
+              data: {
+                code: "provider_error",
+                message: errorMessage
+              }
+            });
+          }
+          const stats = parsed["stats"];
+          const inputTokens = stats ? stats["input_tokens"] ?? null : null;
+          const outputTokens = stats ? stats["output_tokens"] ?? null : null;
+          onEvent({
+            event: "done",
+            data: {
+              usage: {
+                input_tokens: inputTokens,
+                output_tokens: outputTokens
+              }
+            }
+          });
+          settled = true;
+          return;
+        }
+        log9.debug("Unhandled Gemini event type", { type });
+      });
+      rl.on("close", finalizer.onRlClose);
+      child.stderr.on("data", (chunk) => {
+        stderrBuffer = appendStderr(stderrBuffer, chunk.toString());
+      });
+      child.on("error", (err) => {
+        log9.error("Failed to spawn gemini", { error: err.message });
+        const errorMessage = err.code === "ENOENT" ? "gemini CLI not found. Install it or ensure it is on your PATH." : `Failed to spawn gemini: ${err.message}`;
+        signal.removeEventListener("abort", onAbort);
+        if (!settled) {
+          settled = true;
+          onEvent({
+            event: "error",
+            data: {
+              code: "provider_spawn_error",
+              message: errorMessage
+            }
+          });
+          onEvent({ event: "done", data: {} });
+          resolve(null);
+        }
+      });
+      child.on("close", (code) => {
+        log9.debug("Gemini process closed", { code, sessionId });
+        finalizer.onChildClose(code);
+      });
+    });
+  }
+  async listModels() {
+    return GEMINI_MODELS;
+  }
+};
+
+// src/test-mode.ts
+var log10 = createLogger("TestMode");
+function delay(ms) {
+  return new Promise((resolve) => setTimeout(resolve, ms));
+}
+async function handleTestRequest(request, sendEvent) {
+  log10.info("Test mode: handling mock request", {
+    requestId: request.request_id,
+    provider: request.provider,
+    message: request.message.slice(0, 80)
+  });
+  await delay(100);
+  sendEvent("block_start", {
+    block_index: 0,
+    block_type: "thinking"
+  });
+  await delay(50);
+  const thinkingChunks = [
+    "Let me think about this request... ",
+    `The user asked: "${request.message.slice(0, 50)}". `,
+    "I will provide a helpful mock response."
+  ];
+  for (const chunk of thinkingChunks) {
+    sendEvent("block_delta", {
+      block_index: 0,
+      content: chunk
+    });
+    await delay(30);
+  }
+  sendEvent("block_stop", {
+    block_index: 0
+  });
+  await delay(50);
+  sendEvent("block_start", {
+    block_index: 1,
+    block_type: "text"
+  });
+  await delay(50);
+  const textChunks = [
+    "This is a **mock response** from ai-bridge test mode. ",
+    "The bridge is connected and streaming is working correctly. ",
+    `Your request was routed to the "${request.provider}" provider. `,
+    "In production, this response would come from your local CLI tool. ",
+    `
+
+Original message: "${request.message.slice(0, 100)}"`
+  ];
+  for (const chunk of textChunks) {
+    sendEvent("block_delta", {
+      block_index: 1,
+      content: chunk
+    });
+    await delay(40);
+  }
+  sendEvent("block_stop", {
+    block_index: 1
+  });
+  await delay(50);
+  sendEvent("done", {
+    usage: {
+      input_tokens: 42,
+      output_tokens: 108
+    }
+  });
+  log10.info("Test mode: mock response complete", { requestId: request.request_id });
+}
+
+// src/cli.ts
+var log11 = createLogger("CLI");
+var program = new Command();
+program.name("ai-bridge").description("Local CLI bridge for AI web apps \u2014 connects Codex, Claude, and Gemini to your web application via WebSocket").version(BRIDGE_VERSION).option(
+  "-t, --token <token>",
+  "Authentication token (or set AI_BRIDGE_TOKEN env var)",
+  process.env["AI_BRIDGE_TOKEN"]
+).option(
+  "-s, --server <url>",
+  "WebSocket server URL (or set AI_BRIDGE_SERVER env var)",
+  process.env["AI_BRIDGE_SERVER"]
+).option(
+  "-d, --debug",
+  "Enable verbose debug logging",
+  false
+).option(
+  "--test",
+  "Test mode \u2014 respond to AI requests with mock streaming data (--server and --token still required for the WebSocket connection)",
+  false
+).action(async (opts) => {
+  if (opts.debug) {
+    setDebug(true);
+  }
+  log11.info(`AI Bridge v${BRIDGE_VERSION} (protocol v${PROTOCOL_VERSION})`);
+  if (opts.test) {
+    log11.info("Running in TEST MODE \u2014 AI requests will receive mock responses");
+  }
+  const token = opts.token;
+  const serverUrl = opts.server;
+  if (!token) {
+    log11.error("Authentication token is required. Use --token <token> or set AI_BRIDGE_TOKEN. Generate a token from your web application (see README for details).");
+    process.exit(1);
+  }
+  if (!serverUrl) {
+    log11.error("Server URL is required. Use --server <url> or set AI_BRIDGE_SERVER. Use the wss:// address provided by your web application (e.g. wss://your-app.com/api/ai-bridge/ws).");
+    process.exit(1);
+  }
+  if (!serverUrl.startsWith("ws://") && !serverUrl.startsWith("wss://")) {
+    log11.error("Server URL must start with ws:// or wss://");
+    process.exit(1);
+  }
+  if (serverUrl.startsWith("ws://")) {
+    log11.warn("Connecting over unencrypted ws://. Use wss:// in production.");
+  }
+  try {
+    const parsedUrl = new URL(serverUrl);
+    if (parsedUrl.username || parsedUrl.password) {
+      log11.error("Server URL must not contain username or password components");
+      process.exit(1);
+    }
+  } catch {
+    log11.error("Server URL is not a valid URL");
+    process.exit(1);
+  }
+  const providers = await detectProviders();
+  const availableProviders = providers.filter((p) => p.available);
+  if (availableProviders.length === 0 && !opts.test) {
+    log11.warn("No AI CLI tools detected. The bridge will NOT be able to execute requests.");
+    log11.warn("Install one of: codex (https://github.com/openai/codex), claude (https://claude.ai/download), gemini (https://github.com/google-gemini/gemini-cli)");
+    log11.warn("Or use --test flag to run in test mode with mock responses.");
+    log11.warn("AI requests will fail until a provider CLI is installed. See install links above.");
+    log11.warn("Connecting anyway so the server knows a bridge is present...");
+  } else if (availableProviders.length > 0) {
+    log11.info(`Available providers: ${availableProviders.map((p) => `${p.name} (${p.version ?? "unknown version"})`).join(", ")}`);
+  }
+  const adapterInstances = [
+    new CodexAdapter(),
+    new ClaudeAdapter(),
+    new GeminiAdapter()
+  ];
+  const adapters = /* @__PURE__ */ new Map();
+  const availableAdapters = adapterInstances.filter((adapter) => {
+    const capability = providers.find((p) => p.name === adapter.providerName);
+    return capability?.available === true;
+  });
+  await Promise.all(
+    availableAdapters.map(async (adapter) => {
+      const capability = providers.find((p) => p.name === adapter.providerName);
+      adapters.set(adapter.providerName, adapter);
+      try {
+        const models = await adapter.listModels();
+        capability.models = models;
+        log11.info(`${adapter.providerName} models: ${models.map((m) => m.id).join(", ")}`);
+      } catch (err) {
+        log11.warn(`Failed to list models for ${adapter.providerName}`, {
+          error: err instanceof Error ? err.message : String(err)
+        });
+      }
+      log11.debug("Registered adapter", { name: adapter.providerName });
+    })
+  );
+  const bridge = new Bridge({
+    serverUrl,
+    token,
+    providers,
+    adapters,
+    testMode: opts.test,
+    onTestRequest: opts.test ? handleTestRequest : void 0
+  });
+  bridge.on("connected", () => {
+    log11.info("Connected to server");
+  });
+  bridge.on("welcome", (sessionId) => {
+    log11.info(`Session established: ${sessionId}`);
+    if (opts.test) {
+      log11.info("Test mode active \u2014 waiting for ai_request messages...");
+    }
+  });
+  bridge.on("disconnected", (code, reason) => {
+    log11.warn(`Disconnected from server (code=${code}, reason="${reason}")`);
+  });
+  bridge.on("error", (err) => {
+    log11.error("Bridge error", { error: err.message });
+    if (err instanceof FatalBridgeError) {
+      process.exit(1);
+    }
+  });
+  bridge.on("request_start", (requestId, provider) => {
+    log11.info(`Processing request ${requestId} with ${provider}${opts.test ? " (test mode)" : ""}`);
+  });
+  bridge.on("request_end", (requestId) => {
+    log11.info(`Request ${requestId} completed`);
+  });
+  const shutdown = async (signal) => {
+    log11.info(`Received ${signal} \u2014 shutting down gracefully`);
+    await bridge.disconnect();
+    process.exit(0);
+  };
+  process.on("SIGINT", () => shutdown("SIGINT"));
+  process.on("SIGTERM", () => shutdown("SIGTERM"));
+  process.on("unhandledRejection", (reason) => {
+    log11.error("Unhandled rejection \u2014 bridge is in an unknown state, exiting (restart the bridge to recover)", {
+      error: reason instanceof Error ? reason.message : String(reason)
+    });
+    bridge.disconnect().catch(() => {
+    }).finally(() => {
+      process.exit(1);
+    });
+  });
+  bridge.connect();
+});
+if (process.argv[1] === fileURLToPath(import.meta.url)) {
+  program.parseAsync(process.argv).catch((err) => {
+    log11.error("Fatal error", { error: err instanceof Error ? err.message : String(err) });
+    process.exit(1);
+  });
+}
+//# sourceMappingURL=cli.js.map