@vizamodo/modo-dispatcher 1.1.77

package/dist/flows/email-otp-flow.js

@@ -0,0 +1,249 @@
+import readline from "node:readline";
+import { safeDownloadResultArtifact } from "../artifacts/downloader.js";
+import { isObject, hasDownloadUrl } from "../utils/type-guards.js";
+import chalk from "chalk";
+/**
+ * Runtime results from the gateway may be delivered either:
+ *   a) inline JSON in `data.result`, or
+ *   b) as an artifact reference `{ downloadUrl, path }` that must be
+ *      downloaded and parsed.
+ *
+ * This helper handles both shapes transparently.
+ */
+async function resolveRuntimeResult(result) {
+    if (result.kind !== "runtime") {
+        return undefined;
+    }
+    const raw = result.data?.result;
+    if (raw == null) {
+        return undefined;
+    }
+    // Case (b): artifact reference — download and parse JSON
+    if (isObject(raw) && !Array.isArray(raw) && hasDownloadUrl(raw)) {
+        const artifact = {
+            path: 'path' in raw && typeof raw.path === 'string' ? raw.path : '',
+            downloadUrl: raw.downloadUrl,
+            contentType: 'contentType' in raw && typeof raw.contentType === 'string' ? raw.contentType : 'application/json',
+        };
+        const buffer = await safeDownloadResultArtifact({ result: artifact });
+        if (!buffer) {
+            return undefined;
+        }
+        try {
+            const parsed = JSON.parse(buffer.toString("utf8"));
+            return parsed;
+        }
+        catch {
+            return undefined;
+        }
+    }
+    // Case (a): inline JSON
+    const inline = raw;
+    return inline;
+}
+function prompt(question) {
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+    return new Promise((resolve) => {
+        rl.on("SIGINT", () => {
+            rl.close();
+            resolve(null);
+        });
+        rl.question(question, (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
+export async function runEmailOtpFlow(input, options, hooks, dispatcherCall) {
+    if (!dispatcherCall) {
+        throw new Error("Missing dispatcher call implementation for email OTP flow");
+    }
+    const flowOptions = {
+        ...options,
+        interactiveAuthFlow: false,
+        banner: false, // suppress dispatch banner for inner verify/resend calls
+    };
+    // STEP 1: send OTP
+    const res1 = await dispatcherCall({
+        ...input,
+        commandType: "email.provision"
+    }, flowOptions, "dispatch");
+    const result1 = await res1.wait();
+    if (result1.kind === "github") {
+        throw new Error(`Unexpected github execution: ${result1.conclusion}`);
+    }
+    const provisionResult = await resolveRuntimeResult(result1);
+    if (result1.status === "provisioned") {
+        const alias = provisionResult?.alias;
+        console.log("\n✅ Email already provisioned");
+        if (alias) {
+            console.log(chalk.gray(`\n📨 Your email ${alias} is ready to use.`));
+        }
+        return result1;
+    }
+    if (result1.status !== "sent") {
+        throw new Error(`Unexpected state: ${result1.status}`);
+    }
+    const fullPayload = input.payload;
+    const email = provisionResult?.email ?? fullPayload?.email;
+    const fullName = provisionResult?.fullName ?? fullPayload?.fullName;
+    if (!email) {
+        throw new Error("Missing email in payload or response");
+    }
+    if (!fullName) {
+        throw new Error("Missing fullName in payload or response");
+    }
+    const provisionContext = Object.freeze({
+        ...input,
+        payload: Object.freeze({
+            ...input.payload,
+            email,
+            fullName,
+        }),
+    });
+    const isNew = provisionResult?.isNew;
+    if (isNew === false) {
+        console.log(chalk.yellow("\n🔁 OTP already sent.\n" +
+            "Please check your email from Viza Development Platform and use the existing code below."));
+    }
+    else {
+        console.log(chalk.yellow("\n📨 OTP sent successfully.\n" +
+            "Please check your email (from Viza Development Platform), copy the verification code,\n" +
+            "and enter it below to continue."));
+    }
+    // Highlight input section
+    console.log(chalk.magenta("\n─────────────────────── 🔐 ENTER OTP BELOW ──────────────────────────────────────────────────────────────────────────────────────\n"));
+    // STEP 2: verify loop
+    let lastResendAt = Date.now();
+    const RESEND_COOLDOWN_MS = 30000; // 30 seconds client-side throttle (reduce spam, better UX)
+    let nextAllowedVerifyAt = 0;
+    while (true) {
+        hooks?.onBeforePrompt?.();
+        const otp = await prompt("Enter OTP (or 'r' to resend): ");
+        hooks?.onAfterPrompt?.();
+        if (otp === null) {
+            console.log("\n👋 Operation cancelled.");
+            return {
+                kind: "cancel",
+                status: "cancelled",
+                sessionId: "interactive-email-otp",
+            };
+        }
+        // 🔁 resend OTP (client-side throttle, NOT Cloudflare resend)
+        if (otp.toLowerCase() === "r") {
+            const now = Date.now();
+            if (now - lastResendAt < RESEND_COOLDOWN_MS) {
+                const wait = Math.ceil((RESEND_COOLDOWN_MS - (now - lastResendAt)) / 1000);
+                hooks?.onBeforePrompt?.();
+                console.log(chalk.gray(`⏳ Please wait`), chalk.red(`${wait}s`), chalk.gray(`before resending OTP.`));
+                continue;
+            }
+            lastResendAt = now;
+            const resendHandle = await dispatcherCall({
+                ...provisionContext,
+                commandType: "email.provision",
+                payload: {
+                    email,
+                    fullName,
+                    resendOtp: true
+                }
+            }, flowOptions, "dispatch");
+            const resendResult = await resendHandle.wait();
+            if (resendResult.kind === "github") {
+                throw new Error(`Unexpected github execution: ${resendResult.conclusion}`);
+            }
+            if (resendResult.kind === "cancel") {
+                throw new Error(`Resend cancelled: ${resendResult.status}`);
+            }
+            if (resendResult.status !== "sent" && resendResult.status !== "pending") {
+                throw new Error(`Resend failed: ${resendResult.status}`);
+            }
+            hooks?.onBeforePrompt?.();
+            console.log(chalk.gray("\n📩 OTP resent. Please check your inbox."));
+            continue;
+        }
+        // 🔒 Fail-fast: OTP must be exactly 6 digits (do not call server)
+        if (!/^\d{6}$/.test(otp)) {
+            hooks?.onBeforePrompt?.(); // stop spinner before printing message
+            console.log(chalk.gray("❌ OTP must be exactly 6 digits"));
+            continue;
+        }
+        const now = Date.now();
+        if (now < nextAllowedVerifyAt) {
+            const wait = Math.ceil((nextAllowedVerifyAt - now) / 1000);
+            hooks?.onBeforePrompt?.();
+            console.log(chalk.gray(`⏳ Please wait`), chalk.red(`${wait}s`), chalk.gray(`before trying again.`));
+            continue;
+        }
+        const res2 = await dispatcherCall({
+            ...provisionContext,
+            commandType: "identity.verify",
+            payload: {
+                email,
+                fullName,
+                otp
+            }
+        }, flowOptions, "dispatch");
+        const result2 = await res2.wait();
+        if (result2.kind === "github") {
+            throw new Error(`Unexpected github execution: ${result2.conclusion}`);
+        }
+        const verifyResult = await resolveRuntimeResult(result2);
+        // SUCCESS (OTP verified + provision completed)
+        if (result2.status === "provisioned") {
+            const alias = verifyResult?.alias;
+            console.log("\n✅ Email provisioned");
+            console.log(chalk.gray("\n📬 Please check your email for the next onboarding steps to complete your Viza setup."));
+            if (alias) {
+                console.log(chalk.gray(`\n📨 Your email account ${alias} has been created.\n` +
+                    `Please follow the instructions in your email to complete GitHub account setup before accessing Viza.\n`));
+            }
+            return result2;
+        }
+        // RETRY (cooldown or invalid)
+        if (result2.status === "pending") {
+            hooks?.onBeforePrompt?.();
+            const retryAfter = verifyResult?.retryAfter;
+            const attempts = verifyResult?.attempts;
+            const attemptsLeftFromServer = verifyResult?.attemptsLeft;
+            const maxAttempts = verifyResult?.maxAttempts;
+            const attemptsLeft = typeof attemptsLeftFromServer === "number"
+                ? attemptsLeftFromServer
+                : (typeof attempts === "number" && typeof maxAttempts === "number")
+                    ? Math.max(0, maxAttempts - attempts)
+                    : undefined;
+            if (typeof retryAfter === "number" && retryAfter > 0) {
+                nextAllowedVerifyAt = Date.now() + retryAfter;
+                console.log(chalk.gray("❌ Invalid OTP, please try again"));
+            }
+            else {
+                console.log(chalk.gray("❌ Invalid OTP, please try again"));
+            }
+            if (typeof attemptsLeft === "number") {
+                if (attemptsLeft <= 0) {
+                    console.log(chalk.red(`🚫 No attempts remaining. Please request a new OTP.`));
+                    return {
+                        kind: "cancel",
+                        status: "cancelled",
+                        sessionId: "interactive-email-otp",
+                    };
+                }
+                else if (attemptsLeft === 1) {
+                    console.log(chalk.red(`⚠️  Last attempt remaining! (1 left)`));
+                }
+                else if (attemptsLeft <= 3) {
+                    console.log(chalk.yellow(`⚠️  Only ${attemptsLeft} attempts left`));
+                }
+                else {
+                    console.log(chalk.gray(`Attempts left: ${attemptsLeft}`));
+                }
+            }
+            continue;
+        }
+        // HARD FAIL
+        throw new Error(`Verification failed: ${result2.status}`);
+    }
+}

package/dist/gateway/auth-header.d.ts

@@ -0,0 +1,2 @@
+export declare function buildAuthHeader(): Promise<Record<string, string>>;
+export declare function withAuthRetry<T>(run: (headers: Record<string, string>) => Promise<T>, shouldRefresh: (result: T) => boolean): Promise<T>;

package/dist/gateway/auth-header.js

@@ -0,0 +1,21 @@
+import { getAuthRuntime } from "../core/runtime.js";
+export async function buildAuthHeader() {
+    const token = await getAuthRuntime().tokenState.getValidAccessToken();
+    return {
+        Authorization: `Bearer ${token}`,
+    };
+}
+export async function withAuthRetry(run, shouldRefresh) {
+    const firstHeaders = await buildAuthHeader();
+    const first = await run(firstHeaders);
+    const retryDecision = shouldRefresh(first);
+    if (!retryDecision) {
+        return first;
+    }
+    const runtime = getAuthRuntime();
+    runtime.tokenState.forceExpireAccessToken();
+    await runtime.tokenState.refreshAccessToken();
+    const retryHeaders = await buildAuthHeader();
+    const retryResult = await run(retryHeaders);
+    return retryResult;
+}

package/dist/gateway/client.d.ts

@@ -0,0 +1,7 @@
+export interface GatewayClientRequest {
+    url: string;
+    method: "POST" | "GET";
+    body?: unknown;
+    timeoutMs?: number;
+}
+export declare function gatewayFetch(request: GatewayClientRequest): Promise<Response>;

package/dist/gateway/client.js

@@ -0,0 +1,24 @@
+import { withAuthRetry } from "./auth-header.js";
+export async function gatewayFetch(request) {
+    return withAuthRetry(async (auth) => {
+        const controller = new AbortController();
+        const timeout = setTimeout(() => controller.abort(), request.timeoutMs ?? 15_000);
+        try {
+            const init = {
+                method: request.method,
+                headers: {
+                    "Content-Type": "application/json",
+                    ...auth,
+                },
+                signal: controller.signal,
+            };
+            if (request.body !== undefined) {
+                init.body = JSON.stringify(request.body);
+            }
+            return await fetch(request.url, init);
+        }
+        finally {
+            clearTimeout(timeout);
+        }
+    }, (res) => res.status === 401 || res.status === 403);
+}

package/dist/gateway/dispatch-with-bootstrap-retry.d.ts

@@ -0,0 +1,25 @@
+import { DispatchInput, DispatchMode } from "../types/dispatcher.js";
+import { GatewayBootstrapConfig } from "../core/bootstrap.js";
+import { RuntimeEnv } from "../types/runtime-env.js";
+import { GatewayDispatchAccepted } from "./types.js";
+export interface DispatchWithBootstrapRetryInput {
+    input: DispatchInput;
+    mode: DispatchMode;
+    teams: string[];
+    bootstrap: GatewayBootstrapConfig;
+    targetEnv: RuntimeEnv;
+}
+export interface DispatchWithBootstrapRetryResult {
+    accepted: GatewayDispatchAccepted;
+    bootstrap: GatewayBootstrapConfig;
+}
+/**
+ * Attempt a dispatch with automatic bootstrap retry on encryption/decrypt failures.
+ *
+ * When the gateway rejects due to stale dispatch key or rotated runtime config,
+ * this function will:
+ *   1. Log why rebootstrap is triggered
+ *   2. Refresh bootstrap from the authenticated gateway (endpoint derived internally)
+ *   3. Retry the dispatch with fresh config
+ */
+export declare function dispatchWithBootstrapRetry(args: DispatchWithBootstrapRetryInput): Promise<DispatchWithBootstrapRetryResult>;

package/dist/gateway/dispatch-with-bootstrap-retry.js

@@ -0,0 +1,157 @@
+import { refreshBootstrapFromGateway } from "../core/bootstrap.js";
+import { dispatchToGateway } from "./dispatch.js";
+import { encryptPayload } from "../crypto/encrypt.js";
+import { DispatchRejectedError } from "../core/errors.js";
+/**
+ * Attempt a dispatch with automatic bootstrap retry on encryption/decrypt failures.
+ *
+ * When the gateway rejects due to stale dispatch key or rotated runtime config,
+ * this function will:
+ *   1. Log why rebootstrap is triggered
+ *   2. Refresh bootstrap from the authenticated gateway (endpoint derived internally)
+ *   3. Retry the dispatch with fresh config
+ */
+export async function dispatchWithBootstrapRetry(args) {
+    let bootstrapCfg = args.bootstrap;
+    let accepted;
+    try {
+        accepted = await attemptDispatch(args.input, bootstrapCfg, args.teams, args.mode, args.targetEnv);
+    }
+    catch (err) {
+        const rawMsg = String(err?.message || "").toLowerCase();
+        const retryable = rawMsg.includes("fetch failed") ||
+            rawMsg.includes("failed to reach gateway") ||
+            rawMsg.includes("enotfound") ||
+            rawMsg.includes("econn") ||
+            rawMsg.includes("networkerror") ||
+            rawMsg.includes("bootstrap_encryption_failed");
+        const hint = extractGatewayErrorHint(err);
+        const decryptReject = isDecryptReject(err);
+        const bootstrapHint = isBootstrapDecryptHint(hint.hintText);
+        const needsBootstrap = bootstrapHint || decryptReject;
+        if (!retryable && !needsBootstrap) {
+            throw new DispatchRejectedError(`Dispatch request rejected by gateway${hint.detail}`, { cause: err });
+        }
+        // Log why rebootstrap is happening
+        if (isBootstrapDecryptHint(hint.hintText) || isDecryptReject(err)) {
+            console.log("\n[auth] dispatch key expired — rebootstrap required");
+        }
+        else {
+            console.log("\n[auth] runtime config rotated — refreshing bootstrap config...");
+        }
+        try {
+            bootstrapCfg = await refreshBootstrapFromGateway(args.targetEnv);
+            console.log("[auth] retrying dispatch with refreshed bootstrap config...");
+            accepted = await attemptDispatch(args.input, bootstrapCfg, args.teams, args.mode, args.targetEnv);
+        }
+        catch (e) {
+            const rawRetryMsg = String(e?.message || "").toLowerCase();
+            const retryableAfterRetry = rawRetryMsg.includes("fetch failed") ||
+                rawRetryMsg.includes("failed to reach gateway") ||
+                rawRetryMsg.includes("enotfound") ||
+                rawRetryMsg.includes("econn") ||
+                rawRetryMsg.includes("networkerror");
+            if (retryableAfterRetry) {
+                throw new DispatchRejectedError([
+                    "Failed to reach the Viza gateway.",
+                    "Your internet connection may be disconnected or unstable.",
+                    "Please check your network connection and retry.",
+                ].join(" "), { cause: e });
+            }
+            const hint2 = extractGatewayErrorHint(e);
+            const needsBootstrap2 = isBootstrapDecryptHint(hint2.hintText) || isDecryptReject(e);
+            if (needsBootstrap2) {
+                throw new DispatchRejectedError("Gateway rejected encrypted payload after bootstrap refresh.", { cause: e });
+            }
+            throw new DispatchRejectedError(`Dispatch rejected after retry${hint2.detail}`, { cause: e });
+        }
+    }
+    if (!accepted) {
+        throw new DispatchRejectedError("Dispatch failed: missing gateway acceptance result");
+    }
+    return { accepted, bootstrap: bootstrapCfg };
+}
+async function attemptDispatch(input, bootstrapCfg, teams, mode, targetEnv) {
+    // SECURITY-CRITICAL:
+    // Fail fast locally before sending encrypted payloads to the gateway.
+    //
+    // `teams` are the authenticated canonical GitHub teams resolved from JWT/session.
+    // `allowedTeams` is the command allowlist contract.
+    //
+    // Gateway MUST still re-verify authorization server-side.
+    if (!input.allowedTeams.some(team => teams.includes(team))) {
+        throw new DispatchRejectedError(`You do not have permission to run "${input.commandType}" in target environment "${targetEnv}".`);
+    }
+    const req = buildGatewayReq(input, bootstrapCfg, teams);
+    if (!req.payload) {
+        throw new Error("bootstrap_encryption_failed");
+    }
+    return dispatchToGateway(req, { endpoint: bootstrapCfg.endpoint }, mode);
+}
+/**
+ * SECURITY-CRITICAL:
+ *
+ * `allowedTeams` MUST be forwarded to the gateway unchanged.
+ *
+ * Gateway/server authorization MUST verify that the authenticated
+ * GitHub identity extracted from JWT intersects with this allowlist.
+ *
+ * Removing or mutating this field weakens command-level authorization
+ * boundaries and may allow unauthorized command execution.
+ */
+function buildGatewayReq(input, cfg, teams) {
+    return {
+        intent: input.intent,
+        runType: input.runType,
+        infraKey: input.infraKey,
+        commandType: input.commandType,
+        allowedTeams: input.allowedTeams,
+        payload: encryptPayload(input.payload, {
+            serverPublicKeyRawB64: cfg.encrypt.publicKey,
+        }),
+        ...(input.runnerLabel !== undefined ? { runnerLabel: input.runnerLabel } : {}),
+        ...(input.keepLog !== undefined ? { keepLog: input.keepLog } : {}),
+        ...(input.flowGates !== undefined ? { flowGates: input.flowGates } : {}),
+        resourceId: input.resourceId,
+    };
+}
+function extractGatewayErrorHint(err) {
+    const rawMessage = String(err?.message || "").trim();
+    let structuredMessage = null;
+    const jsonStart = rawMessage.indexOf("{");
+    if (jsonStart >= 0) {
+        try {
+            const parsed = JSON.parse(rawMessage.slice(jsonStart).trim());
+            structuredMessage = parsed?.error?.message ?? parsed?.message ?? null;
+        }
+        catch {
+            // noop
+        }
+    }
+    const hintText = structuredMessage ?? rawMessage;
+    return {
+        hintText,
+        detail: hintText ? `: ${hintText}` : "",
+    };
+}
+function isBootstrapDecryptHint(hintText) {
+    return (hintText.includes("encrypted_payload_invalid_or_decrypt_failed") ||
+        hintText.includes("decrypt_failed") ||
+        hintText.includes("run_viza_bootstrap"));
+}
+function isDecryptReject(err) {
+    try {
+        const raw = String(err?.message || "");
+        const jsonStart = raw.indexOf("{");
+        if (jsonStart < 0)
+            return false;
+        const parsed = JSON.parse(raw.slice(jsonStart));
+        // New contract: server returns wrapped response with validation artifacts
+        // Check for reject action with encrypted payload in validation artifacts
+        return (parsed?.data?.action === "reject" &&
+            parsed?.data?.artifacts?.validation?.payload?.value?.alg === "x25519-hkdf-aes256gcm");
+    }
+    catch {
+        return false;
+    }
+}

package/dist/gateway/dispatch.d.ts

@@ -0,0 +1,23 @@
+import { GatewayDispatchRequest, GatewayDispatchAccepted } from "./types.js";
+import { DispatchMode } from "../types/dispatcher.js";
+export interface DispatchToGatewayOptions {
+    /**
+     * Base HTTPS endpoint of the gateway worker
+     * Example: https://dispatch.viza.io
+     */
+    endpoint: string;
+    /**
+     * Optional request timeout in ms (default: 15s)
+     */
+    timeoutMs?: number;
+}
+/**
+ * POST /dispatch
+ *
+ * Low-level gateway call.
+ * This function:
+ *  - does NOT retry
+ *  - does NOT handle UX
+ *  - does NOT swallow errors
+ */
+export declare function dispatchToGateway(req: GatewayDispatchRequest, options: DispatchToGatewayOptions, mode?: DispatchMode): Promise<GatewayDispatchAccepted>;

package/dist/gateway/dispatch.js

@@ -0,0 +1,110 @@
+import { gatewayFetch } from "./client.js";
+/**
+ * POST /dispatch
+ *
+ * Low-level gateway call.
+ * This function:
+ *  - does NOT retry
+ *  - does NOT handle UX
+ *  - does NOT swallow errors
+ */
+export async function dispatchToGateway(req, options, mode = "dispatch") {
+    const { endpoint, timeoutMs = 15_000 } = options;
+    if (!endpoint.startsWith("https://")) {
+        // Do not break the dispatcher flow. Treat this as a temporary gateway
+        // reachability failure so dispatcher can refresh bootstrap and retry.
+        return Promise.reject(new Error(`Failed to reach gateway: invalid endpoint (${endpoint})`));
+    }
+    const path = mode === "status"
+        ? "/status"
+        : mode === "cancel"
+            ? "/cancel"
+            : "/dispatch";
+    let res;
+    try {
+        res = await gatewayFetch({
+            url: `${endpoint}${path}`,
+            method: "POST",
+            body: req,
+            timeoutMs,
+        });
+    }
+    catch (err) {
+        if (err?.name === "AbortError") {
+            throw new Error("\nGateway dispatch request timed out");
+        }
+        throw new Error(`\nFailed to reach gateway: ${err?.message ?? err}`);
+    }
+    if (!res.ok) {
+        const text = await safeReadText(res);
+        throw new Error(`\nGateway HTTP error ${res.status}: ${text || res.statusText}`);
+    }
+    let rawText;
+    try {
+        rawText = await res.text();
+    }
+    catch {
+        throw new Error("\nGateway returned unreadable body");
+    }
+    let json;
+    try {
+        json = JSON.parse(rawText);
+    }
+    catch {
+        throw new Error("\nGateway returned invalid JSON");
+    }
+    // New contract: unwrap envelope from { ok, data, error }
+    const envelope = (json && typeof json === "object" && "data" in json)
+        ? json.data
+        : json;
+    // If server rejected, decide whether this is an encryption/decrypt-level
+    // rejection (which should trigger bootstrap refresh / retry) or a
+    // canonical runtime/business rejection which should be treated as a
+    // legitimate runtime outcome (DO NOT throw).
+    if (envelope?.action === "reject") {
+        // Detect encrypted-payload validation marker without using `any`.
+        const isDecryptReject = (() => {
+            try {
+                if (!envelope?.artifacts || typeof envelope.artifacts !== "object")
+                    return false;
+                const artifacts = envelope.artifacts;
+                const validation = artifacts["validation"];
+                if (!validation || typeof validation !== "object")
+                    return false;
+                const payload = validation["payload"];
+                if (!payload || typeof payload !== "object")
+                    return false;
+                const value = payload["value"];
+                if (!value || typeof value !== "object")
+                    return false;
+                const alg = value["alg"];
+                return alg === "x25519-hkdf-aes256gcm";
+            }
+            catch {
+                return false;
+            }
+        })();
+        if (isDecryptReject) {
+            // Preserve previous behavior for decryption rejects so retry logic
+            // can detect and refresh bootstrap keys.
+            throw new Error(`\nGateway dispatch rejected: ${rawText}`);
+        }
+        // Otherwise, this is a canonical runtime/business rejection. Return
+        // the envelope so it can be normalized into a DispatchResult downstream.
+        return envelope;
+    }
+    if (!envelope ||
+        typeof envelope !== "object" ||
+        typeof envelope.action !== "string") {
+        throw new Error("\nGateway response does not match canonical dispatch contract");
+    }
+    return envelope;
+}
+async function safeReadText(res) {
+    try {
+        return await res.text();
+    }
+    catch {
+        return undefined;
+    }
+}

package/dist/gateway/session-waiter.d.ts

@@ -0,0 +1,11 @@
+import type { DispatchInput, DispatchResult } from "../types/dispatcher.js";
+import type { GatewayDispatchAccepted } from "./types.js";
+/**
+ * Wait for the result of an accepted dispatch session.
+ *
+ * Routes through the GatewayDispatchAccepted action:
+ *   - "reject" / "idle" → throws or returns early
+ *   - "cancel" / "done" → returns immediately
+ *   - "dispatch" / "reuse" → connects WebSocket, waits, finalizes
+ */
+export declare function waitResultFromAccepted(accepted: GatewayDispatchAccepted, input: DispatchInput): Promise<DispatchResult>;