@vm0/cli 9.177.12 → 9.177.14

package/{chunk-6E4KIIR5.js → chunk-FHVH4FYZ.js}

@@ -74083,7 +74083,7 @@ if (DSN) {
   init2({
     dsn: DSN,
     environment: process.env.SENTRY_ENVIRONMENT ?? "production",
-    release: "9.177.12",
+    release: "9.177.14",
     sendDefaultPii: false,
     tracesSampleRate: 0,
     shutdownTimeout: 500,
@@ -74102,7 +74102,7 @@ if (DSN) {
     }
   });
   setContext("cli", {
-    version: "9.177.12",
+    version: "9.177.14",
     command: process.argv.slice(2).join(" ")
   });
   setContext("runtime", {
@@ -93050,8 +93050,1406 @@ var authHeadersSchema = external_exports.object({
   authorization: external_exports.string().optional()
 });
 
-// ../../packages/api-contracts/src/contracts/composes.ts
+// ../../packages/api-contracts/src/contracts/runners.ts
+init_esm_shims();
+
+// ../../packages/connectors/src/firewall-types.ts
+init_esm_shims();
+
+// ../../packages/connectors/src/firewall-url-utils.ts
+init_esm_shims();
+var ASCII_CONTROL_MAX = 32;
+var ASCII_DELETE = 127;
+var UNICODE_HIGH_SURROGATE_MIN = 55296;
+var UNICODE_HIGH_SURROGATE_MAX = 56319;
+var UNICODE_LOW_SURROGATE_MIN = 56320;
+var UNICODE_LOW_SURROGATE_MAX = 57343;
+function hasRawWhitespace(value) {
+  for (let i = 0; i < value.length; i += 1) {
+    const char = value[i];
+    if (char === " " || char === "	" || char === "\n" || char === "\r" || char === "\f" || char === "\v") {
+      return true;
+    }
+  }
+  return false;
+}
+function hasUnsafeUrlCodepoint(value) {
+  for (let i = 0; i < value.length; i += 1) {
+    const codeUnit = value.charCodeAt(i);
+    if (codeUnit < ASCII_CONTROL_MAX || codeUnit === ASCII_DELETE) {
+      return true;
+    }
+    if (UNICODE_HIGH_SURROGATE_MIN <= codeUnit && codeUnit <= UNICODE_HIGH_SURROGATE_MAX) {
+      const nextCodeUnit = value.charCodeAt(i + 1);
+      if (!(UNICODE_LOW_SURROGATE_MIN <= nextCodeUnit && nextCodeUnit <= UNICODE_LOW_SURROGATE_MAX)) {
+        return true;
+      }
+      i += 1;
+      continue;
+    }
+    if (UNICODE_LOW_SURROGATE_MIN <= codeUnit && codeUnit <= UNICODE_LOW_SURROGATE_MAX) {
+      return true;
+    }
+  }
+  return false;
+}
+
+// ../../packages/connectors/src/segment-parser.ts
+init_esm_shims();
+var ERROR_HINT = 'use "{name}", "prefix{name}", "{name}suffix", or "prefix{name}suffix"';
+function parseSegment(seg) {
+  const openCount = countChar(seg, "{");
+  const closeCount = countChar(seg, "}");
+  if (openCount === 0 && closeCount === 0) {
+    return { kind: "literal", value: seg };
+  }
+  if (openCount !== closeCount) {
+    return {
+      kind: "error",
+      reason: `unbalanced brace in segment "${seg}" \u2014 ${ERROR_HINT}`
+    };
+  }
+  const open1 = seg.indexOf("{");
+  const close1 = seg.indexOf("}");
+  if (close1 < open1) {
+    return {
+      kind: "error",
+      reason: `unbalanced brace in segment "${seg}" \u2014 ${ERROR_HINT}`
+    };
+  }
+  if (openCount >= 2) {
+    const open2 = seg.indexOf("{", close1 + 1);
+    if (close1 + 1 === open2) {
+      return {
+        kind: "error",
+        reason: `adjacent parameters in segment "${seg}" \u2014 only one parameter per segment is allowed; ${ERROR_HINT}`
+      };
+    }
+    return {
+      kind: "error",
+      reason: `literal-separated parameters in segment "${seg}" \u2014 only one parameter per segment is allowed; ${ERROR_HINT}`
+    };
+  }
+  const prefix = seg.slice(0, open1);
+  const content = seg.slice(open1 + 1, close1);
+  const suffix = seg.slice(close1 + 1);
+  if (prefix.includes("{") || prefix.includes("}") || suffix.includes("{") || suffix.includes("}")) {
+    return {
+      kind: "error",
+      reason: `unbalanced brace in segment "${seg}" \u2014 ${ERROR_HINT}`
+    };
+  }
+  let greedy = "";
+  let name = content;
+  if (content.length > 0) {
+    const last = content[content.length - 1];
+    if (last === "+" || last === "*") {
+      greedy = last;
+      name = content.slice(0, -1);
+    }
+  }
+  if (name.length === 0) {
+    return {
+      kind: "error",
+      reason: `empty parameter name in segment "${seg}" \u2014 ${ERROR_HINT}`
+    };
+  }
+  return { kind: "param", prefix, name, suffix, greedy };
+}
+function splitPathSegments(path3) {
+  if (path3 === "" || path3 === "/") return [];
+  const pathWithoutLeadingSlash = path3.startsWith("/") ? path3.slice(1) : path3;
+  if (pathWithoutLeadingSlash === "") return [];
+  return pathWithoutLeadingSlash.split("/");
+}
+function countChar(s, ch) {
+  let n = 0;
+  for (let i = 0; i < s.length; i++) {
+    if (s[i] === ch) n++;
+  }
+  return n;
+}
+
+// ../../packages/connectors/src/firewall-types.ts
+var firewallPermissionSchema = external_exports.object({
+  name: external_exports.string(),
+  description: external_exports.string().optional(),
+  rules: external_exports.array(external_exports.string())
+});
+var firewallApiSchema = external_exports.object({
+  base: external_exports.string(),
+  auth: external_exports.object({
+    headers: external_exports.record(external_exports.string(), external_exports.string()).optional(),
+    base: external_exports.string().optional(),
+    query: external_exports.record(external_exports.string(), external_exports.string()).optional()
+  }),
+  permissions: external_exports.array(firewallPermissionSchema).optional()
+});
+var firewallSchema = external_exports.object({
+  name: external_exports.string(),
+  apis: external_exports.array(firewallApiSchema)
+});
+var firewallsSchema = external_exports.array(firewallSchema);
+var firewallConfigSchema = external_exports.object({
+  name: external_exports.string().min(1, "Firewall name is required"),
+  description: external_exports.string().optional(),
+  apis: external_exports.array(firewallApiSchema).min(1, "Firewall must have at least one API entry"),
+  placeholders: external_exports.record(external_exports.string(), external_exports.string()).optional()
+});
+var firewallPolicyValueSchema = external_exports.enum(["allow", "deny", "ask"]);
+var firewallPolicySchema = external_exports.object({
+  policies: external_exports.record(external_exports.string(), firewallPolicyValueSchema),
+  unknownPolicy: firewallPolicyValueSchema.optional()
+});
+var firewallPoliciesSchema = external_exports.record(
+  external_exports.string(),
+  firewallPolicySchema
+);
+var networkPolicySchema = external_exports.object({
+  allow: external_exports.array(external_exports.string()),
+  deny: external_exports.array(external_exports.string()),
+  ask: external_exports.array(external_exports.string()),
+  unknownPolicy: firewallPolicyValueSchema
+});
+var networkPoliciesSchema = external_exports.record(external_exports.string(), networkPolicySchema);
+var AUTH_SECRET_PATTERN = /\$\{\{\s*secrets\.([a-zA-Z_][a-zA-Z0-9_]*)\s*\}\}/g;
+var AUTH_REFERENCE_PATTERN = /\$\{\{\s*(secrets|vars)\.([a-zA-Z_][a-zA-Z0-9_]*)\s*\}\}/g;
+var AUTH_REFERENCE_PATTERN_G = new RegExp(AUTH_REFERENCE_PATTERN.source, "g");
+var AUTH_REFERENCE_PREFIX_PATTERN = new RegExp(
+  `^${AUTH_REFERENCE_PATTERN.source}`
+);
+var AUTH_TEMPLATE_START = "${{";
+var AUTH_TEMPLATE_URL_PLACEHOLDER = "placeholder";
+var IPV4_MAX_OCTET = 255;
+function isTemplateWhitespace(char) {
+  return char === " " || char === "	" || char === "\n" || char === "\r" || char === "\f" || char === "\v";
+}
+function skipTemplateWhitespace(template, index) {
+  let nextIndex = index;
+  while (nextIndex < template.length && isTemplateWhitespace(template[nextIndex])) {
+    nextIndex += 1;
+  }
+  return nextIndex;
+}
+function isIdentifierStart(char) {
+  const code = char.charCodeAt(0);
+  return char === "_" || code >= 65 && code <= 90 || code >= 97 && code <= 122;
+}
+function isIdentifierPart(char) {
+  const code = char.charCodeAt(0);
+  return isIdentifierStart(char) || code >= 48 && code <= 57;
+}
+function parseTemplateIdentifier(template, index) {
+  if (index >= template.length || !isIdentifierStart(template[index])) {
+    return null;
+  }
+  let nextIndex = index + 1;
+  while (nextIndex < template.length && isIdentifierPart(template[nextIndex])) {
+    nextIndex += 1;
+  }
+  return {
+    value: template.slice(index, nextIndex),
+    index: nextIndex
+  };
+}
+function createBasicAuthTemplateParserContext(template) {
+  const nextQuoteIndexes = new Int32Array(template.length + 1);
+  const nextBackslashIndexes = new Int32Array(template.length + 1);
+  const nextTemplateIndexes = new Int32Array(template.length + 1);
+  let nextQuoteIndex = -1;
+  let nextBackslashIndex = -1;
+  let nextTemplateIndex = -1;
+  nextQuoteIndexes[template.length] = nextQuoteIndex;
+  nextBackslashIndexes[template.length] = nextBackslashIndex;
+  nextTemplateIndexes[template.length] = nextTemplateIndex;
+  for (let index = template.length - 1; index >= 0; index -= 1) {
+    if (template[index] === '"') {
+      nextQuoteIndex = index;
+    }
+    if (template[index] === "\\") {
+      nextBackslashIndex = index;
+    }
+    if (template.startsWith("${{", index)) {
+      nextTemplateIndex = index;
+    }
+    nextQuoteIndexes[index] = nextQuoteIndex;
+    nextBackslashIndexes[index] = nextBackslashIndex;
+    nextTemplateIndexes[index] = nextTemplateIndex;
+  }
+  return { nextQuoteIndexes, nextBackslashIndexes, nextTemplateIndexes };
+}
+function parseBasicAuthTemplateArg(context2, template, index) {
+  let nextIndex = skipTemplateWhitespace(template, index);
+  const char = template[nextIndex];
+  if (char === "," || char === ")") {
+    return { arg: {}, index: nextIndex };
+  }
+  if (char === '"') {
+    const literalStart = nextIndex + 1;
+    const quoteIndex = context2.nextQuoteIndexes[literalStart] ?? -1;
+    if (quoteIndex === -1) {
+      const nestedTemplateStart = context2.nextTemplateIndexes[literalStart] ?? -1;
+      return {
+        arg: null,
+        index: nestedTemplateStart === -1 ? template.length : nestedTemplateStart
+      };
+    }
+    const escapeIndex = context2.nextBackslashIndexes[literalStart] ?? -1;
+    if (escapeIndex !== -1 && escapeIndex < quoteIndex) {
+      const nestedTemplateStart = context2.nextTemplateIndexes[literalStart] ?? -1;
+      return {
+        arg: null,
+        index: nestedTemplateStart !== -1 && nestedTemplateStart < escapeIndex ? nestedTemplateStart : escapeIndex + 1
+      };
+    }
+    return {
+      arg: { literal: template.slice(literalStart, quoteIndex) },
+      index: quoteIndex + 1
+    };
+  }
+  let namespace;
+  if (template.startsWith("secrets.", nextIndex)) {
+    namespace = "secrets";
+    nextIndex += "secrets.".length;
+  } else if (template.startsWith("vars.", nextIndex)) {
+    namespace = "vars";
+    nextIndex += "vars.".length;
+  } else {
+    return { arg: null, index: nextIndex };
+  }
+  const key = parseTemplateIdentifier(template, nextIndex);
+  if (!key) {
+    return { arg: null, index: nextIndex };
+  }
+  return {
+    arg: { namespace, key: key.value },
+    index: key.index
+  };
+}
+function parseBasicAuthTemplateAt(context2, template, start) {
+  let index = start + "${{".length;
+  index = skipTemplateWhitespace(template, index);
+  if (!template.startsWith("basic(", index)) {
+    return { match: null, index: start + "${{".length };
+  }
+  index += "basic(".length;
+  const first = parseBasicAuthTemplateArg(context2, template, index);
+  if (!first.arg) {
+    return { match: null, index: first.index };
+  }
+  index = skipTemplateWhitespace(template, first.index);
+  if (template[index] !== ",") {
+    return { match: null, index: Math.max(index + 1, first.index) };
+  }
+  index += 1;
+  const second = parseBasicAuthTemplateArg(context2, template, index);
+  if (!second.arg) {
+    return { match: null, index: second.index };
+  }
+  index = skipTemplateWhitespace(template, second.index);
+  if (template[index] !== ")") {
+    return { match: null, index: Math.max(index + 1, second.index) };
+  }
+  index += 1;
+  index = skipTemplateWhitespace(template, index);
+  if (!template.startsWith("}}", index)) {
+    return { match: null, index: Math.max(index + 1, second.index) };
+  }
+  const end = index + "}}".length;
+  return {
+    match: {
+      start,
+      end,
+      first: first.arg,
+      second: second.arg
+    },
+    index: end
+  };
+}
+function findNextBasicAuthTemplateStart(template, index) {
+  let basicIndex = template.indexOf("basic(", index);
+  while (basicIndex !== -1) {
+    let contentStart = basicIndex;
+    while (contentStart > index && isTemplateWhitespace(template[contentStart - 1])) {
+      contentStart -= 1;
+    }
+    const start = contentStart - "${{".length;
+    if (start >= index && template.startsWith("${{", start)) {
+      return start;
+    }
+    basicIndex = template.indexOf("basic(", basicIndex + "basic(".length);
+  }
+  return -1;
+}
+function parseBasicAuthTemplates(template) {
+  const matches = [];
+  let start = findNextBasicAuthTemplateStart(template, 0);
+  if (start === -1) {
+    return matches;
+  }
+  const context2 = createBasicAuthTemplateParserContext(template);
+  while (start !== -1) {
+    const parsed = parseBasicAuthTemplateAt(context2, template, start);
+    if (parsed.match) {
+      matches.push(parsed.match);
+      start = findNextBasicAuthTemplateStart(template, parsed.index);
+    } else {
+      start = findNextBasicAuthTemplateStart(
+        template,
+        Math.max(parsed.index, start + "${{".length)
+      );
+    }
+  }
+  return matches;
+}
+function forEachSimpleAuthReference(template, basicMatches, callback) {
+  let basicMatchIndex = 0;
+  for (const match of template.matchAll(AUTH_REFERENCE_PATTERN)) {
+    if (!match[1] || !match[2] || match.index === void 0) {
+      continue;
+    }
+    while (basicMatchIndex < basicMatches.length && basicMatches[basicMatchIndex].end <= match.index) {
+      basicMatchIndex += 1;
+    }
+    const basicMatch = basicMatches[basicMatchIndex];
+    if (basicMatch && match.index >= basicMatch.start && match.index < basicMatch.end) {
+      continue;
+    }
+    callback(match[1], match[2]);
+  }
+}
+function extractSecretNamesFromApis(apis) {
+  const names = /* @__PURE__ */ new Set();
+  for (const entry of apis) {
+    for (const value of Object.values(entry.auth.headers ?? {})) {
+      const basicMatches = parseBasicAuthTemplates(value);
+      forEachSimpleAuthReference(value, basicMatches, (namespace, name) => {
+        if (namespace === "secrets") {
+          names.add(name);
+        }
+      });
+      for (const match of basicMatches) {
+        if (match.first.namespace === "secrets" && match.first.key) {
+          names.add(match.first.key);
+        }
+        if (match.second.namespace === "secrets" && match.second.key) {
+          names.add(match.second.key);
+        }
+      }
+    }
+    if (entry.auth.base) {
+      for (const match of entry.auth.base.matchAll(AUTH_SECRET_PATTERN)) {
+        names.add(match[1]);
+      }
+    }
+    if (entry.auth.query) {
+      for (const value of Object.values(entry.auth.query)) {
+        for (const match of value.matchAll(AUTH_SECRET_PATTERN)) {
+          names.add(match[1]);
+        }
+      }
+    }
+  }
+  return [...names];
+}
+var BASE_URL_VARS_PATTERN = /\$\{\{\s*vars\.([a-zA-Z_][a-zA-Z0-9_]*)\s*\}\}/;
+var BASE_URL_VARS_PATTERN_G = new RegExp(BASE_URL_VARS_PATTERN.source, "g");
+function hasBaseUrlVars(base) {
+  return BASE_URL_VARS_PATTERN.test(base);
+}
+function hasBaseUrlParams(base) {
+  let stripped = base;
+  let start = stripped.indexOf("${{");
+  while (start !== -1) {
+    const end = stripped.indexOf("}}", start + 3);
+    if (end === -1) break;
+    stripped = stripped.slice(0, start) + stripped.slice(end + 2);
+    start = stripped.indexOf("${{");
+  }
+  return stripped.includes("{") && stripped.includes("}");
+}
+function errMsg(base, svc, detail) {
+  return `Invalid base URL "${base}" in firewall "${svc}": ${detail}`;
+}
+var HOST_DOT_EQUIVALENTS = /* @__PURE__ */ new Set([".", "\u3002", "\uFF0E", "\uFF61"]);
+var HOST_DOT_EQUIVALENT_PATTERN = /[\u3002\uff0e\uff61]/g;
+var FORBIDDEN_NORMALIZED_LABEL_CHARS = new Set("#%,/:<>?@[\\]^|[]".split(""));
+var ALLOWED_BASE_URL_SCHEMES = /* @__PURE__ */ new Set(["http", "https"]);
+var WHITESPACE_PATTERN = /\s/u;
+var UNICODE_CONTROL_PATTERN = /\p{C}/u;
+var UNICODE_MARK_PATTERN = /\p{M}/u;
+var UNICODE_LETTER_PATTERN = /\p{L}/u;
+var GREEK_COMBINING_YPOGEGRAMMENI = "\u0345";
+var GREEK_SMALL_IOTA = "\u03B9";
+var IDNA_BIDI_RTL_LABEL_RANGES = [
+  [1565, 1565],
+  [2160, 2190],
+  [2229, 2229],
+  [2248, 2249],
+  [64450, 64450],
+  [69488, 69505],
+  [69510, 69513]
+];
+var UNSAFE_UTS46_COLLISION_CHARS = /* @__PURE__ */ new Set([
+  "\u03F2",
+  "\u04C0",
+  "\u1E9E",
+  "\u1806",
+  "\u2132",
+  "\u2183",
+  "\u3164",
+  "\uFFA0",
+  "\uFFFC",
+  "\uFFFD",
+  "\u{2F868}",
+  "\u{2F874}",
+  "\u{2F91F}",
+  "\u{2F95F}",
+  "\u{2F9BF}"
+]);
+var UNSAFE_UTS46_COLLISION_RANGES = [
+  [4256, 4293],
+  [4447, 4448],
+  [6068, 6069],
+  [12272, 12283]
+];
+var UNSAFE_UTS46_IGNORABLE_RANGES = [
+  [847, 847],
+  [6155, 6157],
+  [6159, 6159],
+  [65024, 65039],
+  [917760, 917999]
+];
+function isHexDigit(char) {
+  return char >= "0" && char <= "9" || char >= "a" && char <= "f" || char >= "A" && char <= "F";
+}
+function validateBaseUrlScheme(scheme, base, serviceName2) {
+  if (!ALLOWED_BASE_URL_SCHEMES.has(scheme.toLowerCase())) {
+    throw new Error(errMsg(base, serviceName2, "scheme must be http or https"));
+  }
+}
+function validateUrlSchemeDelimiter(value, serviceName2, label, displayValue = value) {
+  if (value.includes("://")) return;
+  const colonIndex = value.indexOf(":");
+  if (colonIndex !== -1) {
+    const scheme = value.slice(0, colonIndex);
+    if (!ALLOWED_BASE_URL_SCHEMES.has(scheme.toLowerCase())) {
+      throw new Error(
+        `Invalid ${label} "${displayValue}" in firewall "${serviceName2}": scheme must be http or https`
+      );
+    }
+    throw new Error(
+      `Invalid ${label} "${displayValue}" in firewall "${serviceName2}": URL must include "://" after the scheme`
+    );
+  }
+  throw new Error(
+    `Invalid ${label} "${displayValue}" in firewall "${serviceName2}": URL must include a scheme (e.g. "https://${displayValue}")`
+  );
+}
+function isAscii(value) {
+  for (let i = 0; i < value.length; i += 1) {
+    if (value.charCodeAt(i) > 127) return false;
+  }
+  return true;
+}
+function isIpv4NumberComponent(value) {
+  if (value === "") return false;
+  if (value.toLowerCase().startsWith("0x")) {
+    return value.length > 2 && [...value.slice(2)].every((char) => {
+      return isHexDigit(char);
+    });
+  }
+  return [...value].every((char) => {
+    return char >= "0" && char <= "9";
+  });
+}
+function isIpv4LiteralLike(value) {
+  const parts = value.split(".");
+  return parts.length >= 1 && parts.length <= 4 && parts.every(isIpv4NumberComponent);
+}
+function isCanonicalIpv4Address(value) {
+  const parts = value.split(".");
+  if (parts.length !== 4) return false;
+  return parts.every((part) => {
+    if (part === "" || ![...part].every((char) => {
+      return char >= "0" && char <= "9";
+    })) {
+      return false;
+    }
+    if (part.length > 1 && part.startsWith("0")) return false;
+    return Number(part) <= IPV4_MAX_OCTET;
+  });
+}
+function codePointInRanges(codePoint, ranges) {
+  return ranges.some(([start, end]) => {
+    return start <= codePoint && codePoint <= end;
+  });
+}
+function hasUnsafeUts46MappingChar(value) {
+  for (const char of value) {
+    const codePoint = char.codePointAt(0);
+    if (UNSAFE_UTS46_COLLISION_CHARS.has(char) || codePoint !== void 0 && (codePointInRanges(codePoint, UNSAFE_UTS46_COLLISION_RANGES) || codePointInRanges(codePoint, UNSAFE_UTS46_IGNORABLE_RANGES))) {
+      return true;
+    }
+  }
+  return false;
+}
+function normalizesToAscii(value) {
+  return isAscii(normalizeLabelTextForIdnaValidation(value));
+}
+function normalizeLabelTextForIdnaValidation(value) {
+  return value.replaceAll(GREEK_COMBINING_YPOGEGRAMMENI, GREEK_SMALL_IOTA).normalize("NFKD").normalize("NFC").toLowerCase();
+}
+function hasForbiddenNormalizedLabelChar(value) {
+  for (const char of normalizeLabelTextForIdnaValidation(value)) {
+    if (FORBIDDEN_NORMALIZED_LABEL_CHARS.has(char) || HOST_DOT_EQUIVALENTS.has(char) || WHITESPACE_PATTERN.test(char) || UNICODE_CONTROL_PATTERN.test(char)) {
+      return true;
+    }
+  }
+  return false;
+}
+function normalizedLabelStartsWithMark(value) {
+  const [firstChar] = normalizeLabelTextForIdnaValidation(value);
+  return firstChar !== void 0 && UNICODE_MARK_PATTERN.test(firstChar);
+}
+function isIdnaBidiRtlLabelChar(char) {
+  const codePoint = char.codePointAt(0);
+  return codePoint !== void 0 && codePointInRanges(codePoint, IDNA_BIDI_RTL_LABEL_RANGES);
+}
+function isLtrLetterForBidiCheck(char) {
+  return UNICODE_LETTER_PATTERN.test(char) && !isIdnaBidiRtlLabelChar(char);
+}
+function isAsciiDigit(char) {
+  return char >= "0" && char <= "9";
+}
+function isArabicNumberForBidiCheck(char) {
+  const codePoint = char.codePointAt(0);
+  return codePoint !== void 0 && 1632 <= codePoint && codePoint <= 1641;
+}
+function effectiveBidiEndChar(chars) {
+  for (let index = chars.length - 1; index >= 0; index -= 1) {
+    const char = chars[index];
+    if (!UNICODE_MARK_PATTERN.test(char)) return char;
+  }
+  return chars.at(-1);
+}
+function firstEffectiveBidiChar(chars) {
+  return chars.find((char) => {
+    return !UNICODE_MARK_PATTERN.test(char);
+  });
+}
+function isRtlEndCharForBidiCheck(char) {
+  return isIdnaBidiRtlLabelChar(char) || isAsciiDigit(char) || isArabicNumberForBidiCheck(char);
+}
+function hasInvalidMixedBidiLabelText(value) {
+  const chars = Array.from(normalizeLabelTextForIdnaValidation(value));
+  const firstRtlIndex = chars.findIndex((char) => {
+    return isIdnaBidiRtlLabelChar(char);
+  });
+  if (firstRtlIndex === -1) return false;
+  const suffix = chars.slice(firstRtlIndex + 1);
+  if (firstRtlIndex === 0) {
+    const suffixHasLtrLetter2 = suffix.some((char) => {
+      return isLtrLetterForBidiCheck(char);
+    });
+    if (suffixHasLtrLetter2) return true;
+    const endChar2 = effectiveBidiEndChar(chars);
+    return endChar2 !== void 0 && !isRtlEndCharForBidiCheck(endChar2);
+  }
+  const suffixHasLtrLetter = suffix.some((char) => {
+    return isLtrLetterForBidiCheck(char);
+  });
+  if (suffixHasLtrLetter) return true;
+  const prefix = chars.slice(0, firstRtlIndex);
+  const prefixHasLtrLetter = prefix.some((char) => {
+    return isLtrLetterForBidiCheck(char);
+  });
+  if (prefixHasLtrLetter) {
+    if (prefix.some(isArabicNumberForBidiCheck)) return true;
+    const firstPrefixChar = firstEffectiveBidiChar(prefix);
+    if (firstPrefixChar === void 0 || !isLtrLetterForBidiCheck(firstPrefixChar)) {
+      return true;
+    }
+    return suffix.some((char) => {
+      return !UNICODE_MARK_PATTERN.test(char);
+    });
+  }
+  const endChar = effectiveBidiEndChar(chars);
+  return endChar !== void 0 && !isRtlEndCharForBidiCheck(endChar);
+}
+function baseUrlRawSyntaxTarget(base) {
+  return base.replace(BASE_URL_VARS_PATTERN_G, AUTH_TEMPLATE_URL_PLACEHOLDER);
+}
+function validateHostPercentEncoding(host, base, serviceName2) {
+  if (host.includes(",")) {
+    throw new Error(errMsg(base, serviceName2, "host must not contain commas"));
+  }
+  for (let i = 0; i < host.length; i += 1) {
+    if (host[i] !== "%") continue;
+    if (i + 2 >= host.length || !isHexDigit(host[i + 1]) || !isHexDigit(host[i + 2])) {
+      throw new Error(
+        errMsg(base, serviceName2, "host has invalid percent encoding")
+      );
+    }
+    let end = i;
+    while (end + 2 < host.length && host[end] === "%" && isHexDigit(host[end + 1]) && isHexDigit(host[end + 2])) {
+      end += 3;
+    }
+    let decoded;
+    try {
+      decoded = decodeURIComponent(host.slice(i, end));
+    } catch {
+      throw new Error(
+        errMsg(base, serviceName2, "host has invalid percent encoding")
+      );
+    }
+    for (const char of decoded) {
+      if (char === "{" || char === "}") {
+        throw new Error(
+          errMsg(
+            base,
+            serviceName2,
+            "host must not contain percent-encoded braces"
+          )
+        );
+      }
+      if (HOST_DOT_EQUIVALENTS.has(char)) {
+        throw new Error(
+          errMsg(
+            base,
+            serviceName2,
+            "host must not contain percent-encoded dots"
+          )
+        );
+      }
+      if (char === ",") {
+        throw new Error(
+          errMsg(base, serviceName2, "host must not contain commas")
+        );
+      }
+    }
+    i = end - 1;
+  }
+  if (host.includes("%")) {
+    let decoded;
+    try {
+      decoded = decodeURIComponent(host);
+    } catch {
+      throw new Error(
+        errMsg(base, serviceName2, "host has invalid percent encoding")
+      );
+    }
+    validateHostHasNoUnsafeIdnaMappings(decoded, base, serviceName2);
+  }
+}
+function rawAuthorityFromBaseUrl(base) {
+  const schemeEnd = base.indexOf("://");
+  if (schemeEnd === -1) return null;
+  const rest = base.slice(schemeEnd + 3);
+  const delimiterIndexes = [
+    rest.indexOf("/"),
+    rest.indexOf("?"),
+    rest.indexOf("#")
+  ].filter((index) => {
+    return index !== -1;
+  });
+  const authorityEnd = delimiterIndexes.length === 0 ? -1 : Math.min(...delimiterIndexes);
+  return authorityEnd === -1 ? rest : rest.slice(0, authorityEnd);
+}
+function validateNoUserinfo(authority, base, serviceName2) {
+  if (authority.includes("@")) {
+    throw new Error(errMsg(base, serviceName2, "must not contain userinfo"));
+  }
+}
+function validateHostHasNoEmptyLabels(host, base, serviceName2) {
+  let normalizedHost = host.replace(HOST_DOT_EQUIVALENT_PATTERN, ".");
+  if (normalizedHost.endsWith(".")) {
+    normalizedHost = normalizedHost.slice(0, -1);
+  }
+  if (normalizedHost === "" || normalizedHost.endsWith(".") || normalizedHost.split(".").some((label) => {
+    return label === "";
+  })) {
+    throw new Error(
+      errMsg(base, serviceName2, "host must not contain empty labels")
+    );
+  }
+  return normalizedHost;
+}
+function normalizeHostForIpv4LiteralSyntax(host) {
+  let normalized = host.replace(HOST_DOT_EQUIVALENT_PATTERN, ".").toLowerCase();
+  if (normalized.endsWith(".")) {
+    normalized = normalized.slice(0, -1);
+  }
+  return normalized;
+}
+function rawHostForCanonicalIpv4Syntax(host) {
+  const normalized = host.toLowerCase();
+  return normalized.endsWith(".") ? normalized.slice(0, -1) : normalized;
+}
+function splitAuthorityHostSegments(host) {
+  if (host.startsWith("[") && host.endsWith("]")) {
+    return [host];
+  }
+  return host.split(".");
+}
+function rawHostFromAuthority(authority) {
+  const withoutUserinfo = authority.slice(authority.lastIndexOf("@") + 1);
+  if (withoutUserinfo.startsWith("[")) {
+    const closeBracket = withoutUserinfo.indexOf("]");
+    return closeBracket === -1 ? withoutUserinfo : withoutUserinfo.slice(0, closeBracket + 1);
+  }
+  const portSeparator = withoutUserinfo.lastIndexOf(":");
+  return portSeparator === -1 ? withoutUserinfo : withoutUserinfo.slice(0, portSeparator);
+}
+function validateLabelHasNoUnsafeIdnaMappings(label, base, serviceName2) {
+  const parsed = parseSegment(label);
+  const value = parsed.kind === "param" ? `${parsed.prefix}${parsed.suffix}` : label;
+  if (value === "" || isAscii(value)) return;
+  if (hasForbiddenNormalizedLabelChar(value)) {
+    throw new Error(
+      errMsg(
+        base,
+        serviceName2,
+        "host must not contain characters that normalize to forbidden host syntax"
+      )
+    );
+  }
+  if (normalizedLabelStartsWithMark(value)) {
+    throw new Error(
+      errMsg(
+        base,
+        serviceName2,
+        "host label must not start with a combining mark"
+      )
+    );
+  }
+  if (hasInvalidMixedBidiLabelText(value)) {
+    throw new Error(
+      errMsg(
+        base,
+        serviceName2,
+        "host must not contain invalid bidirectional label text"
+      )
+    );
+  }
+  if (hasUnsafeUts46MappingChar(value) || normalizesToAscii(value)) {
+    throw new Error(
+      errMsg(
+        base,
+        serviceName2,
+        "host must not contain unsafe IDNA compatibility mappings"
+      )
+    );
+  }
+}
+function validateHostHasNoUnsafeIdnaMappings(authorityOrHost, base, serviceName2) {
+  const host = rawHostFromAuthority(authorityOrHost);
+  if (host.startsWith("[") && host.endsWith("]")) return;
+  for (const label of host.replace(HOST_DOT_EQUIVALENT_PATTERN, ".").split(".")) {
+    validateLabelHasNoUnsafeIdnaMappings(label, base, serviceName2);
+  }
+}
+function validateHostHasCanonicalIpv4Syntax(authorityOrHost, base, serviceName2) {
+  const host = rawHostFromAuthority(authorityOrHost);
+  if (host.startsWith("[") && host.endsWith("]")) return;
+  const normalizedHost = normalizeHostForIpv4LiteralSyntax(host);
+  if (isIpv4LiteralLike(normalizedHost) && (rawHostForCanonicalIpv4Syntax(host) !== normalizedHost || !isCanonicalIpv4Address(normalizedHost))) {
+    throw new Error(
+      errMsg(base, serviceName2, "host must use canonical IPv4 address syntax")
+    );
+  }
+}
+function splitParameterizedAuthority(authority, base, serviceName2) {
+  let host = authority;
+  let portSuffix = "";
+  if (authority.startsWith("[")) {
+    const closeBracket = authority.indexOf("]");
+    if (closeBracket === -1) {
+      throw new Error(errMsg(base, serviceName2, "not a valid URL authority"));
+    }
+    host = authority.slice(0, closeBracket + 1);
+    portSuffix = authority.slice(closeBracket + 1);
+    if (portSuffix !== "" && !portSuffix.startsWith(":")) {
+      throw new Error(errMsg(base, serviceName2, "not a valid URL authority"));
+    }
+  } else {
+    const portSeparator = authority.lastIndexOf(":");
+    if (portSeparator !== -1) {
+      host = authority.slice(0, portSeparator);
+      portSuffix = authority.slice(portSeparator);
+    }
+  }
+  const normalizedHost = validateHostHasNoEmptyLabels(host, base, serviceName2);
+  return { normalizedHost, portSuffix };
+}
+function validateStaticHostLabels(hostname4, base, serviceName2) {
+  if (hostname4.startsWith("[") && hostname4.endsWith("]")) return;
+  validateHostHasNoEmptyLabels(hostname4, base, serviceName2);
+}
+function hostSegmentForSyntaxValidation(seg, base, svc) {
+  const parsed = parseSegment(seg);
+  if (parsed.kind === "literal") return seg;
+  if (parsed.kind === "error") {
+    throw new Error(errMsg(base, svc, parsed.reason));
+  }
+  if (!isAscii(parsed.prefix) || !isAscii(parsed.suffix)) {
+    throw new Error(
+      errMsg(
+        base,
+        svc,
+        `host parameter segment "${seg}" must use ASCII literal prefix and suffix`
+      )
+    );
+  }
+  return `${parsed.prefix}x${parsed.suffix}`;
+}
+function validateParameterizedHostUrlSyntax(scheme, authority, base, serviceName2) {
+  const syntaxHost = splitAuthorityHostSegments(authority.normalizedHost).map((seg) => {
+    return hostSegmentForSyntaxValidation(seg, base, serviceName2);
+  }).join(".");
+  try {
+    new URL(`${scheme}://${syntaxHost}${authority.portSuffix}`);
+  } catch {
+    throw new Error(errMsg(base, serviceName2, "not a valid URL authority"));
+  }
+}
+function validateHostParams(segments, paramNames, base, svc) {
+  if (segments.length < 2) {
+    throw new Error(errMsg(base, svc, "host must have at least two segments"));
+  }
+  let hasStatic = false;
+  for (let i = 0; i < segments.length; i++) {
+    const seg = segments[i];
+    const parsed = parseSegment(seg);
+    if (parsed.kind === "error") {
+      throw new Error(errMsg(base, svc, parsed.reason));
+    }
+    if (parsed.kind === "literal") {
+      hasStatic = true;
+      continue;
+    }
+    const { name, greedy, prefix, suffix } = parsed;
+    if (paramNames.has(name)) {
+      throw new Error(
+        errMsg(base, svc, `duplicate parameter name "{${name}}" in host`)
+      );
+    }
+    paramNames.add(name);
+    if (greedy && i !== 0) {
+      throw new Error(
+        errMsg(base, svc, `{${name}${greedy}} must be the first host segment`)
+      );
+    }
+    if (greedy && (prefix !== "" || suffix !== "")) {
+      throw new Error(
+        errMsg(
+          base,
+          svc,
+          `greedy parameter {${name}${greedy}} cannot be combined with a literal prefix or suffix in host segment "${seg}"`
+        )
+      );
+    }
+  }
+  if (!hasStatic) {
+    throw new Error(
+      errMsg(base, svc, "host must have at least one static segment")
+    );
+  }
+}
+function validatePathParams(segments, paramNames, base, svc) {
+  for (const seg of segments) {
+    const parsed = parseSegment(seg);
+    if (parsed.kind === "error") {
+      throw new Error(errMsg(base, svc, parsed.reason));
+    }
+    if (parsed.kind === "literal") continue;
+    const { name, greedy } = parsed;
+    if (greedy) {
+      throw new Error(
+        errMsg(
+          base,
+          svc,
+          `greedy parameter {${name}${greedy}} is not allowed in base URL path`
+        )
+      );
+    }
+    if (paramNames.has(name)) {
+      throw new Error(
+        errMsg(base, svc, `duplicate parameter name "{${name}}"`)
+      );
+    }
+    paramNames.add(name);
+  }
+}
+function validateBaseUrlParams(base, serviceName2) {
+  const schemeEnd = base.indexOf("://");
+  if (schemeEnd === -1) {
+    throw new Error(errMsg(base, serviceName2, "missing scheme"));
+  }
+  const scheme = base.slice(0, schemeEnd);
+  if (scheme.includes("{")) {
+    throw new Error(
+      errMsg(base, serviceName2, "scheme must not contain parameters")
+    );
+  }
+  validateBaseUrlScheme(scheme, base, serviceName2);
+  if (base.includes("?")) {
+    throw new Error(errMsg(base, serviceName2, "must not contain query string"));
+  }
+  if (base.includes("#")) {
+    throw new Error(errMsg(base, serviceName2, "must not contain fragment"));
+  }
+  const rest = base.slice(schemeEnd + 3);
+  const slashIdx = rest.indexOf("/");
+  const host = slashIdx === -1 ? rest : rest.slice(0, slashIdx);
+  const path3 = slashIdx === -1 ? "" : rest.slice(slashIdx);
+  validateNoUserinfo(host, base, serviceName2);
+  validateHostPercentEncoding(host, base, serviceName2);
+  const authority = splitParameterizedAuthority(host, base, serviceName2);
+  validateHostHasCanonicalIpv4Syntax(
+    authority.normalizedHost,
+    base,
+    serviceName2
+  );
+  validateHostHasNoUnsafeIdnaMappings(
+    authority.normalizedHost,
+    base,
+    serviceName2
+  );
+  validateParameterizedHostUrlSyntax(
+    base.slice(0, schemeEnd),
+    authority,
+    base,
+    serviceName2
+  );
+  const paramNames = /* @__PURE__ */ new Set();
+  validateHostParams(
+    splitAuthorityHostSegments(authority.normalizedHost),
+    paramNames,
+    base,
+    serviceName2
+  );
+  if (path3) {
+    validatePathParams(splitPathSegments(path3), paramNames, base, serviceName2);
+  }
+}
+function validateBaseUrl(base, serviceName2) {
+  if (base.includes("\\")) {
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": must not contain backslash`
+    );
+  }
+  const rawSyntaxTarget = baseUrlRawSyntaxTarget(base);
+  if (hasRawWhitespace(rawSyntaxTarget)) {
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": must not contain whitespace`
+    );
+  }
+  if (hasUnsafeUrlCodepoint(rawSyntaxTarget)) {
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": must not contain control characters or invalid Unicode`
+    );
+  }
+  if (hasBaseUrlVars(base)) return;
+  validateUrlSchemeDelimiter(base, serviceName2, "base URL");
+  if (hasBaseUrlParams(base)) {
+    validateBaseUrlParams(base, serviceName2);
+    return;
+  }
+  let url2;
+  try {
+    url2 = new URL(base);
+  } catch {
+    if (!base.includes("://")) {
+      throw new Error(
+        `Invalid base URL "${base}" in firewall "${serviceName2}": URL must include a scheme (e.g. "https://${base}")`
+      );
+    }
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": not a valid URL`
+    );
+  }
+  validateBaseUrlScheme(url2.protocol.slice(0, -1), base, serviceName2);
+  if (url2.search) {
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": must not contain query string`
+    );
+  }
+  if (url2.hash) {
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": must not contain fragment`
+    );
+  }
+  const authority = rawAuthorityFromBaseUrl(base);
+  if (authority !== null) {
+    if (authority === "") {
+      throw new Error(
+        `Invalid base URL "${base}" in firewall "${serviceName2}": not a valid URL authority`
+      );
+    }
+    validateNoUserinfo(authority, base, serviceName2);
+    validateHostPercentEncoding(authority, base, serviceName2);
+    validateHostHasCanonicalIpv4Syntax(authority, base, serviceName2);
+    validateHostHasNoUnsafeIdnaMappings(authority, base, serviceName2);
+  }
+  validateStaticHostLabels(url2.hostname, base, serviceName2);
+  if (url2.hostname.includes("{") || url2.hostname.includes("}")) {
+    throw new Error(
+      `Invalid base URL "${base}" in firewall "${serviceName2}": host must not contain braces`
+    );
+  }
+}
+function authBaseForStaticUrlValidation(authBase) {
+  if (!authBase.includes(AUTH_TEMPLATE_START)) {
+    return { url: authBase, dynamicPrefixSuffix: "" };
+  }
+  const replaced = authBase.replace(
+    AUTH_REFERENCE_PATTERN_G,
+    AUTH_TEMPLATE_URL_PLACEHOLDER
+  );
+  if (replaced.includes(AUTH_TEMPLATE_START)) {
+    return { url: authBase, dynamicPrefixSuffix: "" };
+  }
+  const prefixMatch = AUTH_REFERENCE_PREFIX_PATTERN.exec(authBase);
+  if (prefixMatch) {
+    return {
+      url: null,
+      dynamicPrefixSuffix: authBase.slice(prefixMatch[0].length).replace(AUTH_REFERENCE_PATTERN_G, AUTH_TEMPLATE_URL_PLACEHOLDER)
+    };
+  }
+  return { url: replaced, dynamicPrefixSuffix: "" };
+}
+function validateDynamicAuthBaseSuffix(authBase, suffix, serviceName2) {
+  if (suffix.includes(AUTH_TEMPLATE_START)) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": contains unsupported template reference`
+    );
+  }
+  if (hasRawWhitespace(suffix)) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain whitespace`
+    );
+  }
+  if (hasUnsafeUrlCodepoint(suffix)) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain control characters or invalid Unicode`
+    );
+  }
+  if (suffix.includes("#")) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain fragment`
+    );
+  }
+  if (suffix !== "" && !suffix.startsWith("/") && !suffix.startsWith("?")) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": dynamic URL suffix must start with "/" or "?"`
+    );
+  }
+}
+function validateAuthBaseUrl(authBase, serviceName2) {
+  if (authBase.includes("\\")) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain backslash`
+    );
+  }
+  const target = authBaseForStaticUrlValidation(authBase);
+  validateDynamicAuthBaseSuffix(
+    authBase,
+    target.dynamicPrefixSuffix,
+    serviceName2
+  );
+  const validationUrl = target.url;
+  if (validationUrl === null) return;
+  if (validationUrl.includes(AUTH_TEMPLATE_START)) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": contains unsupported template reference`
+    );
+  }
+  if (hasRawWhitespace(validationUrl)) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain whitespace`
+    );
+  }
+  if (hasUnsafeUrlCodepoint(validationUrl)) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain control characters or invalid Unicode`
+    );
+  }
+  validateUrlSchemeDelimiter(
+    validationUrl,
+    serviceName2,
+    "auth.base URL",
+    authBase
+  );
+  let url2;
+  try {
+    url2 = new URL(validationUrl);
+  } catch {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": not a valid URL`
+    );
+  }
+  if (!ALLOWED_BASE_URL_SCHEMES.has(url2.protocol.slice(0, -1).toLowerCase())) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": scheme must be http or https`
+    );
+  }
+  if (url2.hash) {
+    throw new Error(
+      `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain fragment`
+    );
+  }
+  const authority = rawAuthorityFromBaseUrl(validationUrl);
+  if (authority !== null) {
+    if (authority === "") {
+      throw new Error(
+        `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": not a valid URL authority`
+      );
+    }
+    if (authority.includes("@")) {
+      throw new Error(
+        `Invalid auth.base URL "${authBase}" in firewall "${serviceName2}": must not contain userinfo`
+      );
+    }
+    validateHostPercentEncoding(authority, validationUrl, serviceName2);
+    validateHostHasCanonicalIpv4Syntax(authority, validationUrl, serviceName2);
+    validateHostHasNoUnsafeIdnaMappings(authority, validationUrl, serviceName2);
+  }
+  validateStaticHostLabels(url2.hostname, validationUrl, serviceName2);
+}
+
+// ../../packages/api-contracts/src/contracts/runners.ts
 var c = initContract();
+var MIN_EPOCH_MS_TIMESTAMP = 1e12;
+var apiStartTimeSchema = external_exports.number().int().min(MIN_EPOCH_MS_TIMESTAMP);
+var CANONICAL_WORKING_DIR = "/home/user/workspace";
+var CANONICAL_CLAUDE_PROJECT_NAME = CANONICAL_WORKING_DIR.replace(
+  /^\//,
+  ""
+).replace(/\//g, "-");
+var CANONICAL_CLAUDE_MEMORY_MOUNT_PATH = `/home/user/.claude/projects/-${CANONICAL_CLAUDE_PROJECT_NAME}/memory`;
+var runnerGroupSchema = external_exports.string().regex(
+  /^[a-z0-9-]+\/[a-z0-9-]+$/,
+  "Runner group must be in vm0/<name> format (e.g., vm0/production)"
+);
+var jobSchema = external_exports.object({
+  runId: external_exports.uuid(),
+  prompt: external_exports.string(),
+  appendSystemPrompt: external_exports.string().nullable(),
+  agentComposeVersionId: external_exports.string().nullable(),
+  vars: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
+  checkpointId: external_exports.uuid().nullable(),
+  experimentalProfile: external_exports.string().optional()
+});
+var heldSessionStateSchema = external_exports.object({
+  sessionId: external_exports.string(),
+  lastCompletedAt: external_exports.string().datetime({ offset: true })
+});
+var runnersPollContract = c.router({
+  poll: {
+    method: "POST",
+    path: "/api/runners/poll",
+    headers: authHeadersSchema,
+    body: external_exports.object({
+      group: runnerGroupSchema,
+      profiles: external_exports.array(external_exports.string()).optional(),
+      heldSessionStates: external_exports.array(heldSessionStateSchema).max(100).optional()
+    }),
+    responses: {
+      200: external_exports.object({
+        job: jobSchema.nullable()
+      }),
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      500: apiErrorSchema
+    },
+    summary: "Poll for pending jobs (long-polling with 30s timeout)"
+  }
+});
+var storageEntrySchema = external_exports.object({
+  name: external_exports.string(),
+  mountPath: external_exports.string(),
+  vasStorageName: external_exports.string(),
+  vasVersionId: external_exports.string(),
+  instructionsTargetFilename: external_exports.string().optional(),
+  archiveUrl: external_exports.string()
+});
+var artifactEntrySchema = external_exports.object({
+  mountPath: external_exports.string(),
+  vasStorageName: external_exports.string(),
+  vasStorageId: external_exports.string(),
+  vasVersionId: external_exports.string(),
+  archiveUrl: external_exports.string(),
+  manifestUrl: external_exports.string().optional()
+});
+var storageManifestSchema = external_exports.object({
+  storages: external_exports.array(storageEntrySchema),
+  artifacts: external_exports.array(artifactEntrySchema)
+});
+var resumeSessionSchema = external_exports.object({
+  sessionId: external_exports.string(),
+  sessionHistory: external_exports.string()
+});
+var secretConnectorMetadataSchema = external_exports.object({
+  sourceType: external_exports.enum(["connector", "model-provider"]),
+  sourceUserId: external_exports.string().optional(),
+  metadataKey: external_exports.string().optional()
+});
+var secretConnectorMetadataMapSchema = external_exports.record(
+  external_exports.string(),
+  secretConnectorMetadataSchema
+);
+var storedExecutionContextSchema = external_exports.object({
+  storageManifest: storageManifestSchema.nullable(),
+  environment: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
+  resumeSession: resumeSessionSchema.nullable(),
+  // AES-256-GCM encrypted Record<string, string>. Keys are the runtime secret
+  // names used by `${{ secrets.NAME }}`; connector/model-provider keys are env
+  // aliases, not backing storage secret names.
+  encryptedSecrets: external_exports.string().nullable(),
+  // Maps firewall auth secret env aliases (the `NAME` in `${{ secrets.NAME }}`) to
+  // their connector or provider owner. Keys are env aliases, not storage secret names.
+  secretConnectorMap: external_exports.record(external_exports.string(), external_exports.string()).nullable().optional(),
+  // Same keys as secretConnectorMap; adds source details when the owner alone
+  // is not enough to locate access storage (for example, personal model providers).
+  secretConnectorMetadataMap: secretConnectorMetadataMapSchema.nullable().optional(),
+  cliAgentType: external_exports.string(),
+  // Debug flag to force real Claude in mock environments (internal use only)
+  debugNoMockClaude: external_exports.boolean().optional(),
+  // Debug flag to force real Codex in mock environments (internal use only)
+  debugNoMockCodex: external_exports.boolean().optional(),
+  // Capture HTTP request headers, request bodies, and response bodies in network logs
+  captureNetworkBodies: external_exports.boolean().optional(),
+  // Dispatch timestamp for E2E timing metrics, as Unix epoch milliseconds
+  apiStartTime: apiStartTimeSchema.optional(),
+  // User's timezone preference (IANA format, e.g., "Asia/Shanghai")
+  userTimezone: external_exports.string().optional(),
+  // Firewall for proxy-side token replacement (complete config, all permissions)
+  firewalls: firewallsSchema.optional(),
+  // Per-firewall network policies: which permissions are granted + unknownPolicy
+  networkPolicies: networkPoliciesSchema.optional(),
+  // Tools to disable in Claude CLI (passed as --disallowed-tools)
+  disallowedTools: external_exports.array(external_exports.string()).optional(),
+  // Tools to make available in Claude CLI (passed as --tools)
+  tools: external_exports.array(external_exports.string()).optional(),
+  // Settings JSON to pass to Claude CLI (passed as --settings)
+  settings: external_exports.string().optional(),
+  // VM profile for resource allocation (e.g., "vm0/default")
+  experimentalProfile: external_exports.string().optional(),
+  // Feature flags evaluated at job creation time (all switch states for user/org)
+  featureFlags: external_exports.record(external_exports.string(), external_exports.boolean()).optional(),
+  billableFirewalls: external_exports.array(external_exports.string()).optional(),
+  modelUsageProvider: external_exports.string().optional()
+});
+var executionContextSchema = external_exports.object({
+  runId: external_exports.uuid(),
+  prompt: external_exports.string(),
+  appendSystemPrompt: external_exports.string().nullable(),
+  agentComposeVersionId: external_exports.string().nullable(),
+  vars: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
+  checkpointId: external_exports.uuid().nullable(),
+  sandboxToken: external_exports.string(),
+  storageManifest: storageManifestSchema.nullable(),
+  environment: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
+  resumeSession: resumeSessionSchema.nullable(),
+  // Plain secret values used by the runner for redaction. These are values, not
+  // names, and are base64-encoded only when exported through VM0_SECRET_VALUES.
+  secretValues: external_exports.array(external_exports.string()).nullable(),
+  // AES-256-GCM encrypted Record<string, string>, passed through to mitm-addon
+  // for auth resolution. Keys are runtime secret names used by
+  // `${{ secrets.NAME }}`; connector/model-provider keys are env aliases, not
+  // backing storage secret names.
+  encryptedSecrets: external_exports.string().nullable(),
+  // Maps firewall auth secret env aliases (the `NAME` in `${{ secrets.NAME }}`) to
+  // their connector or provider owner. Keys are env aliases, not storage secret names.
+  secretConnectorMap: external_exports.record(external_exports.string(), external_exports.string()).nullable().optional(),
+  // Same keys as secretConnectorMap; adds source details when the owner alone
+  // is not enough to locate access storage (for example, personal model providers).
+  secretConnectorMetadataMap: secretConnectorMetadataMapSchema.nullable().optional(),
+  cliAgentType: external_exports.string(),
+  // Debug flag to force real Claude in mock environments (internal use only)
+  debugNoMockClaude: external_exports.boolean().optional(),
+  // Debug flag to force real Codex in mock environments (internal use only)
+  debugNoMockCodex: external_exports.boolean().optional(),
+  // Capture HTTP request headers, request bodies, and response bodies in network logs
+  captureNetworkBodies: external_exports.boolean().optional(),
+  // Dispatch timestamp for E2E timing metrics, as Unix epoch milliseconds
+  apiStartTime: apiStartTimeSchema.optional(),
+  // User's timezone preference (IANA format, e.g., "Asia/Shanghai")
+  userTimezone: external_exports.string().optional(),
+  // Firewall for proxy-side token replacement (complete config, all permissions)
+  firewalls: firewallsSchema.optional(),
+  // Per-firewall network policies: which permissions are granted + unknownPolicy
+  networkPolicies: networkPoliciesSchema.optional(),
+  // Tools to disable in Claude CLI (passed as --disallowed-tools)
+  disallowedTools: external_exports.array(external_exports.string()).optional(),
+  // Tools to make available in Claude CLI (passed as --tools)
+  tools: external_exports.array(external_exports.string()).optional(),
+  // Settings JSON to pass to Claude CLI (passed as --settings)
+  settings: external_exports.string().optional(),
+  // VM profile for resource allocation (e.g., "vm0/default")
+  experimentalProfile: external_exports.string().optional(),
+  // Feature flags evaluated at job creation time (all switch states for user/org)
+  featureFlags: external_exports.record(external_exports.string(), external_exports.boolean()).optional(),
+  billableFirewalls: external_exports.array(external_exports.string()).optional(),
+  modelUsageProvider: external_exports.string().optional()
+});
+var runnersJobClaimContract = c.router({
+  claim: {
+    method: "POST",
+    path: "/api/runners/jobs/:id/claim",
+    headers: authHeadersSchema,
+    pathParams: external_exports.object({
+      id: external_exports.uuid()
+    }),
+    body: external_exports.object({}),
+    responses: {
+      200: executionContextSchema,
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      403: apiErrorSchema,
+      // Job does not belong to user
+      404: apiErrorSchema,
+      409: apiErrorSchema,
+      // Already claimed
+      500: apiErrorSchema
+    },
+    summary: "Claim a pending job for execution"
+  }
+});
+var heartbeatBodySchema = external_exports.object({
+  runnerId: external_exports.uuid(),
+  runnerName: external_exports.string(),
+  group: runnerGroupSchema,
+  profiles: external_exports.array(external_exports.string()),
+  totalVcpu: external_exports.number().int().nonnegative(),
+  totalMemoryMb: external_exports.number().int().nonnegative(),
+  maxConcurrent: external_exports.number().int().nonnegative(),
+  allocatedVcpu: external_exports.number().int().nonnegative(),
+  allocatedMemoryMb: external_exports.number().int().nonnegative(),
+  runningCount: external_exports.number().int().nonnegative(),
+  heldSessionStates: external_exports.array(heldSessionStateSchema),
+  mode: external_exports.enum(["running", "draining", "stopping"])
+});
+var runnersHeartbeatContract = c.router({
+  heartbeat: {
+    method: "POST",
+    path: "/api/runners/heartbeat",
+    headers: authHeadersSchema,
+    body: heartbeatBodySchema,
+    responses: {
+      200: external_exports.object({ ok: external_exports.literal(true) }),
+      400: apiErrorSchema,
+      401: apiErrorSchema,
+      500: apiErrorSchema
+    },
+    summary: "Report runner heartbeat with capacity and state"
+  }
+});
+
+// ../../packages/api-contracts/src/contracts/composes.ts
+var c2 = initContract();
+var MOUNT_PATH_TEMPLATE = "${{ working_dir }}";
 var composeVersionQuerySchema = external_exports.string().min(1, "Missing version query parameter").regex(
   /^[a-f0-9]{8,64}$|^latest$/i,
   "Version must be 8-64 hex characters or 'latest'"
@@ -93067,10 +94465,9 @@ var volumeConfigSchema = external_exports.object({
   /** When true, skip mounting without error if volume doesn't exist */
   optional: external_exports.boolean().optional()
 });
-var MOUNT_PATH_TEMPLATE = "${{ working_dir }}";
 var mountPathSchema = external_exports.string().min(1, "mount_path cannot be empty").refine((val) => {
   return val === MOUNT_PATH_TEMPLATE || val.startsWith("/");
-}, `mount_path must be an absolute path or "${MOUNT_PATH_TEMPLATE}"`);
+}, "mount_path must be an absolute path or ${{ working_dir }}");
 var artifactConfigSchema = external_exports.object({
   name: external_exports.string().min(1, "Artifact name is required"),
   version: external_exports.string().min(1).optional(),
@@ -93166,7 +94563,7 @@ var createComposeResponseSchema = external_exports.object({
   action: external_exports.enum(["created", "existing"]),
   updatedAt: external_exports.string()
 });
-var composesMainContract = c.router({
+var composesMainContract = c2.router({
   /**
    * GET /api/agent/composes?name={name}&org={org}
    * Get agent compose by name with HEAD version content
@@ -93212,7 +94609,7 @@ var composesMainContract = c.router({
     summary: "Create or update agent compose version"
   }
 });
-var composesByIdContract = c.router({
+var composesByIdContract = c2.router({
   /**
    * GET /api/agent/composes/:id
    * Get agent compose by ID with HEAD version content
@@ -93245,9 +94642,9 @@ var composesByIdContract = c.router({
     pathParams: external_exports.object({
       id: external_exports.string().uuid("Compose ID is required")
     }),
-    body: c.noBody(),
+    body: c2.noBody(),
     responses: {
-      204: c.noBody(),
+      204: c2.noBody(),
       401: apiErrorSchema,
       403: apiErrorSchema,
       404: apiErrorSchema,
@@ -93256,7 +94653,7 @@ var composesByIdContract = c.router({
     summary: "Delete agent compose"
   }
 });
-var composesVersionsContract = c.router({
+var composesVersionsContract = c2.router({
   /**
    * GET /api/agent/composes/versions?composeId={id}&version={hash|tag}
    * Resolve a version specifier to a full version ID
@@ -93291,7 +94688,7 @@ var composeListItemSchema = external_exports.object({
   headVersionId: external_exports.string().nullable(),
   updatedAt: external_exports.string()
 });
-var composesListContract = c.router({
+var composesListContract = c2.router({
   /**
    * GET /api/agent/composes/list
    * List all agent composes for an org
@@ -93318,7 +94715,7 @@ var metadataUpdateSchema = external_exports.object({
   description: external_exports.string().optional(),
   sound: external_exports.string().optional()
 });
-var composesMetadataContract = c.router({
+var composesMetadataContract = c2.router({
   /**
    * PATCH /api/agent/composes/:id/metadata
    * Update agent compose metadata (displayName, description, sound)
@@ -93345,7 +94742,7 @@ var composeInstructionsResponseSchema = external_exports.object({
   content: external_exports.string().nullable(),
   filename: external_exports.string().nullable()
 });
-var composesInstructionsContract = c.router({
+var composesInstructionsContract = c2.router({
   /**
    * GET /api/agent/composes/:id/instructions
    * Get the instructions content for an agent compose
@@ -93443,6 +94840,7 @@ var SUPPORTED_RUN_MODELS = [
   "deepseek-v4-flash",
   "kimi-k2.6",
   "kimi-k2.5",
+  "MiniMax-M3",
   "MiniMax-M2.7",
   "glm-5.1",
   "gpt-5.5",
@@ -93459,6 +94857,7 @@ var VM0_MODEL_CREDIT_MULTIPLIER = Object.freeze({
   "deepseek-v4-flash": 0.02,
   "kimi-k2.6": 0.3,
   "kimi-k2.5": 0.2,
+  "MiniMax-M3": 0.2,
   "MiniMax-M2.7": 0.1,
   "glm-5.1": 0.4,
   "gpt-5.5": 2,
@@ -93510,6 +94909,10 @@ var VM0_MODEL_TO_PROVIDER = {
     concreteType: "moonshot-api-key",
     vendor: "moonshot"
   },
+  "MiniMax-M3": {
+    concreteType: "minimax-api-key",
+    vendor: "minimax"
+  },
   "MiniMax-M2.7": {
     concreteType: "minimax-api-key",
     vendor: "minimax"
@@ -93645,8 +95048,8 @@ var MODEL_PROVIDER_TYPES = {
       API_TIMEOUT_MS: "3000000",
       CLAUDE_CODE_DISABLE_NONESSENTIAL_TRAFFIC: "1"
     },
-    models: ["MiniMax-M2.7", "MiniMax-M2.1"],
-    defaultModel: "MiniMax-M2.7"
+    models: ["MiniMax-M3", "MiniMax-M2.7", "MiniMax-M2.1"],
+    defaultModel: "MiniMax-M3"
   },
   "deepseek-api-key": {
     framework: "claude-code",
@@ -94269,7 +95672,7 @@ init_esm_shims();
 
 // ../../packages/api-contracts/src/contracts/zero-user-preferences.ts
 init_esm_shims();
-var c2 = initContract();
+var c3 = initContract();
 var sendModeSchema = external_exports.enum(["enter", "cmd-enter"]);
 var userPreferencesResponseSchema = external_exports.object({
   timezone: external_exports.string().nullable(),
@@ -94290,7 +95693,7 @@ var updateUserPreferencesRequestSchema = external_exports.object({
     message: "At least one preference must be provided"
   }
 );
-var zeroUserPreferencesContract = c2.router({
+var zeroUserPreferencesContract = c3.router({
   get: {
     method: "GET",
     path: "/api/zero/user-preferences",
@@ -94403,7 +95806,7 @@ var orgMessageResponseSchema = external_exports.object({
 });
 
 // ../../packages/api-contracts/src/contracts/orgs.ts
-var c3 = initContract();
+var c4 = initContract();
 var orgTierSchema = external_exports.enum(["free", "pro-suspend", "pro", "team"]);
 var orgSlugSchema = external_exports.string().min(3, "Org slug must be at least 3 characters").max(64, "Org slug must be at most 64 characters").regex(
   /^[a-z0-9][a-z0-9-]*[a-z0-9]$|^[a-z0-9]{1,2}$/,
@@ -94424,7 +95827,7 @@ var updateOrgRequestSchema = external_exports.object({
   name: external_exports.string().min(1).max(128).optional(),
   force: external_exports.boolean().optional().default(false)
 });
-var orgDefaultAgentContract = c3.router({
+var orgDefaultAgentContract = c4.router({
   /**
    * PUT /api/zero/default-agent
    * Set or unset the default agent for an org.
@@ -94454,8 +95857,8 @@ var orgDefaultAgentContract = c3.router({
 });
 
 // ../../packages/api-contracts/src/contracts/zero-org.ts
-var c4 = initContract();
-var zeroOrgContract = c4.router({
+var c5 = initContract();
+var zeroOrgContract = c5.router({
   get: {
     method: "GET",
     path: "/api/zero/org",
@@ -94484,7 +95887,7 @@ var zeroOrgContract = c4.router({
     summary: "Update org slug (zero proxy)"
   }
 });
-var zeroOrgLeaveContract = c4.router({
+var zeroOrgLeaveContract = c5.router({
   leave: {
     method: "POST",
     path: "/api/zero/org/leave",
@@ -94500,7 +95903,7 @@ var zeroOrgLeaveContract = c4.router({
     summary: "Leave the current org (zero proxy)"
   }
 });
-var zeroOrgDeleteContract = c4.router({
+var zeroOrgDeleteContract = c5.router({
   delete: {
     method: "POST",
     path: "/api/zero/org/delete",
@@ -94520,12 +95923,12 @@ var zeroOrgDeleteContract = c4.router({
 
 // ../../packages/api-contracts/src/contracts/cli-auth.ts
 init_esm_shims();
-var c5 = initContract();
+var c6 = initContract();
 var oauthErrorSchema = external_exports.object({
   error: external_exports.string(),
   error_description: external_exports.string()
 });
-var cliAuthDeviceContract = c5.router({
+var cliAuthDeviceContract = c6.router({
   /**
    * POST /api/cli/auth/device
    * Initiate device authorization flow
@@ -94547,7 +95950,7 @@ var cliAuthDeviceContract = c5.router({
     summary: "Initiate device authorization flow"
   }
 });
-var cliAuthTokenContract = c5.router({
+var cliAuthTokenContract = c6.router({
   /**
    * POST /api/cli/auth/token
    * Exchange device code for access token
@@ -94581,7 +95984,7 @@ var cliAuthApproveErrorSchema = external_exports.object({
   success: external_exports.literal(false),
   error: external_exports.string()
 });
-var cliAuthApproveContract = c5.router({
+var cliAuthApproveContract = c6.router({
   /**
    * POST /api/cli/auth/approve
    * Approve a pending CLI device code from a browser session
@@ -94603,7 +96006,7 @@ var cliAuthApproveContract = c5.router({
     summary: "Approve a CLI device authorization flow"
   }
 });
-var cliAuthOrgContract = c5.router({
+var cliAuthOrgContract = c6.router({
   /**
    * POST /api/cli/auth/org
    * Switch active organization and get new CLI JWT
@@ -94643,8 +96046,8 @@ var orgListResponseSchema = external_exports.object({
 });
 
 // ../../packages/api-contracts/src/contracts/zero-org-list.ts
-var c6 = initContract();
-var zeroOrgListContract = c6.router({
+var c7 = initContract();
+var zeroOrgListContract = c7.router({
   list: {
     method: "GET",
     path: "/api/zero/org/list",
@@ -94660,8 +96063,8 @@ var zeroOrgListContract = c6.router({
 
 // ../../packages/api-contracts/src/contracts/zero-org-members.ts
 init_esm_shims();
-var c7 = initContract();
-var zeroOrgMembersContract = c7.router({
+var c8 = initContract();
+var zeroOrgMembersContract = c8.router({
   members: {
     method: "GET",
     path: "/api/zero/org/members",
@@ -94707,7 +96110,7 @@ var zeroOrgMembersContract = c7.router({
     summary: "Remove a member from the org (zero proxy)"
   }
 });
-var zeroOrgInviteContract = c7.router({
+var zeroOrgInviteContract = c8.router({
   invite: {
     method: "POST",
     path: "/api/zero/org/invite",
@@ -94737,7 +96140,7 @@ var zeroOrgInviteContract = c7.router({
     summary: "Revoke a pending invitation (zero proxy)"
   }
 });
-var zeroOrgMembershipRequestsContract = c7.router({
+var zeroOrgMembershipRequestsContract = c8.router({
   accept: {
     method: "POST",
     path: "/api/zero/org/membership-requests",
@@ -94885,7 +96288,7 @@ init_esm_shims();
 
 // ../../packages/api-contracts/src/contracts/zero-attribution.ts
 init_esm_shims();
-var c8 = initContract();
+var c9 = initContract();
 var SOURCE_TYPES = [
   "paid",
   "organic_search",
@@ -94921,7 +96324,7 @@ var recordSignupAttributionRequestSchema = external_exports.object({
 var recordSignupAttributionResponseSchema = external_exports.object({
   recorded: external_exports.boolean()
 });
-var zeroAttributionContract = c8.router({
+var zeroAttributionContract = c9.router({
   recordSignup: {
     method: "POST",
     path: "/api/zero/attribution/signup",
@@ -94938,7 +96341,7 @@ var zeroAttributionContract = c8.router({
 });
 
 // ../../packages/api-contracts/src/contracts/zero-billing.ts
-var c9 = initContract();
+var c10 = initContract();
 var autoRechargeSchema = external_exports.object({
   enabled: external_exports.boolean(),
   threshold: external_exports.number().nullable(),
@@ -95055,7 +96458,7 @@ var redeemRequestSchema = external_exports.object({
   successUrl: external_exports.string().url(),
   cancelUrl: external_exports.string().url()
 });
-var zeroBillingStatusContract = c9.router({
+var zeroBillingStatusContract = c10.router({
   get: {
     method: "GET",
     path: "/api/zero/billing/status",
@@ -95069,7 +96472,7 @@ var zeroBillingStatusContract = c9.router({
     summary: "Get billing status for current org"
   }
 });
-var zeroBillingCheckoutContract = c9.router({
+var zeroBillingCheckoutContract = c10.router({
   create: {
     method: "POST",
     path: "/api/zero/billing/checkout",
@@ -95101,7 +96504,7 @@ var zeroBillingCheckoutContract = c9.router({
     summary: "Complete Stripe checkout session"
   }
 });
-var zeroBillingCreditCheckoutContract = c9.router({
+var zeroBillingCreditCheckoutContract = c10.router({
   create: {
     method: "POST",
     path: "/api/zero/billing/credit-checkout",
@@ -95118,7 +96521,7 @@ var zeroBillingCreditCheckoutContract = c9.router({
     summary: "Create Stripe checkout session for credits"
   }
 });
-var zeroBillingPortalContract = c9.router({
+var zeroBillingPortalContract = c10.router({
   create: {
     method: "POST",
     path: "/api/zero/billing/portal",
@@ -95135,7 +96538,7 @@ var zeroBillingPortalContract = c9.router({
     summary: "Create Stripe billing portal session"
   }
 });
-var zeroBillingAutoRechargeContract = c9.router({
+var zeroBillingAutoRechargeContract = c10.router({
   get: {
     method: "GET",
     path: "/api/zero/billing/auto-recharge",
@@ -95173,7 +96576,7 @@ var invoiceSchema = external_exports.object({
 var billingInvoicesResponseSchema = external_exports.object({
   invoices: external_exports.array(invoiceSchema)
 });
-var zeroBillingInvoicesContract = c9.router({
+var zeroBillingInvoicesContract = c10.router({
   get: {
     method: "GET",
     path: "/api/zero/billing/invoices",
@@ -95194,7 +96597,7 @@ var downgradeResponseSchema = external_exports.object({
   success: external_exports.boolean(),
   effectiveDate: external_exports.string().nullable()
 });
-var zeroBillingDowngradeContract = c9.router({
+var zeroBillingDowngradeContract = c10.router({
   create: {
     method: "POST",
     path: "/api/zero/billing/downgrade",
@@ -95212,7 +96615,7 @@ var zeroBillingDowngradeContract = c9.router({
     summary: "Downgrade subscription to a lower tier"
   }
 });
-var zeroBillingRedeemContract = c9.router({
+var zeroBillingRedeemContract = c10.router({
   create: {
     method: "POST",
     path: "/api/zero/billing/redeem/:campaign",
@@ -95305,8 +96708,8 @@ var setVariableRequestSchema = external_exports.object({
 });
 
 // ../../packages/api-contracts/src/contracts/zero-secrets.ts
-var c10 = initContract();
-var zeroSecretsContract = c10.router({
+var c11 = initContract();
+var zeroSecretsContract = c11.router({
   list: {
     method: "GET",
     path: "/api/zero/secrets",
@@ -95333,7 +96736,7 @@ var zeroSecretsContract = c10.router({
     summary: "Create or update a secret"
   }
 });
-var zeroSecretsByNameContract = c10.router({
+var zeroSecretsByNameContract = c11.router({
   delete: {
     method: "DELETE",
     path: "/api/zero/secrets/:name",
@@ -95342,7 +96745,7 @@ var zeroSecretsByNameContract = c10.router({
       name: secretNameSchema
     }),
     responses: {
-      204: c10.noBody(),
+      204: c11.noBody(),
       401: apiErrorSchema,
       404: apiErrorSchema,
       500: apiErrorSchema
@@ -95350,7 +96753,7 @@ var zeroSecretsByNameContract = c10.router({
     summary: "Delete a secret by name"
   }
 });
-var zeroVariablesContract = c10.router({
+var zeroVariablesContract = c11.router({
   list: {
     method: "GET",
     path: "/api/zero/variables",
@@ -95377,7 +96780,7 @@ var zeroVariablesContract = c10.router({
     summary: "Create or update a variable"
   }
 });
-var zeroVariablesByNameContract = c10.router({
+var zeroVariablesByNameContract = c11.router({
   delete: {
     method: "DELETE",
     path: "/api/zero/variables/:name",
@@ -95386,7 +96789,7 @@ var zeroVariablesByNameContract = c10.router({
       name: variableNameSchema
     }),
     responses: {
-      204: c10.noBody(),
+      204: c11.noBody(),
       401: apiErrorSchema,
       404: apiErrorSchema,
       500: apiErrorSchema
@@ -95463,8 +96866,8 @@ init_esm_shims();
 
 // ../../packages/api-contracts/src/contracts/zero-model-policies.ts
 init_esm_shims();
-var c11 = initContract();
-var zeroModelPoliciesMainContract = c11.router({
+var c12 = initContract();
+var zeroModelPoliciesMainContract = c12.router({
   list: {
     method: "GET",
     path: "/api/zero/model-policies",
@@ -95511,360 +96914,7 @@ init_esm_shims();
 
 // ../../packages/api-contracts/src/contracts/zero-agents.ts
 init_esm_shims();
-
-// ../../packages/connectors/src/firewall-types.ts
-init_esm_shims();
-
-// ../../packages/connectors/src/segment-parser.ts
-init_esm_shims();
-var ERROR_HINT = 'use "{name}", "prefix{name}", "{name}suffix", or "prefix{name}suffix"';
-function parseSegment(seg) {
-  const openCount = countChar(seg, "{");
-  const closeCount = countChar(seg, "}");
-  if (openCount === 0 && closeCount === 0) {
-    return { kind: "literal", value: seg };
-  }
-  if (openCount !== closeCount) {
-    return {
-      kind: "error",
-      reason: `unbalanced brace in segment "${seg}" \u2014 ${ERROR_HINT}`
-    };
-  }
-  const open1 = seg.indexOf("{");
-  const close1 = seg.indexOf("}");
-  if (close1 < open1) {
-    return {
-      kind: "error",
-      reason: `unbalanced brace in segment "${seg}" \u2014 ${ERROR_HINT}`
-    };
-  }
-  if (openCount >= 2) {
-    const open2 = seg.indexOf("{", close1 + 1);
-    if (close1 + 1 === open2) {
-      return {
-        kind: "error",
-        reason: `adjacent parameters in segment "${seg}" \u2014 only one parameter per segment is allowed; ${ERROR_HINT}`
-      };
-    }
-    return {
-      kind: "error",
-      reason: `literal-separated parameters in segment "${seg}" \u2014 only one parameter per segment is allowed; ${ERROR_HINT}`
-    };
-  }
-  const prefix = seg.slice(0, open1);
-  const content = seg.slice(open1 + 1, close1);
-  const suffix = seg.slice(close1 + 1);
-  if (prefix.includes("{") || prefix.includes("}") || suffix.includes("{") || suffix.includes("}")) {
-    return {
-      kind: "error",
-      reason: `unbalanced brace in segment "${seg}" \u2014 ${ERROR_HINT}`
-    };
-  }
-  let greedy = "";
-  let name = content;
-  if (content.length > 0) {
-    const last = content[content.length - 1];
-    if (last === "+" || last === "*") {
-      greedy = last;
-      name = content.slice(0, -1);
-    }
-  }
-  if (name.length === 0) {
-    return {
-      kind: "error",
-      reason: `empty parameter name in segment "${seg}" \u2014 ${ERROR_HINT}`
-    };
-  }
-  return { kind: "param", prefix, name, suffix, greedy };
-}
-function countChar(s, ch) {
-  let n = 0;
-  for (let i = 0; i < s.length; i++) {
-    if (s[i] === ch) n++;
-  }
-  return n;
-}
-
-// ../../packages/connectors/src/firewall-types.ts
-var firewallPermissionSchema = external_exports.object({
-  name: external_exports.string(),
-  description: external_exports.string().optional(),
-  rules: external_exports.array(external_exports.string())
-});
-var firewallApiSchema = external_exports.object({
-  base: external_exports.string(),
-  auth: external_exports.object({
-    headers: external_exports.record(external_exports.string(), external_exports.string()).optional(),
-    base: external_exports.string().optional(),
-    query: external_exports.record(external_exports.string(), external_exports.string()).optional()
-  }),
-  permissions: external_exports.array(firewallPermissionSchema).optional()
-});
-var firewallSchema = external_exports.object({
-  name: external_exports.string(),
-  apis: external_exports.array(firewallApiSchema)
-});
-var firewallsSchema = external_exports.array(firewallSchema);
-var firewallConfigSchema = external_exports.object({
-  name: external_exports.string().min(1, "Firewall name is required"),
-  description: external_exports.string().optional(),
-  apis: external_exports.array(firewallApiSchema).min(1, "Firewall must have at least one API entry"),
-  placeholders: external_exports.record(external_exports.string(), external_exports.string()).optional()
-});
-var firewallPolicyValueSchema = external_exports.enum(["allow", "deny", "ask"]);
-var firewallPolicySchema = external_exports.object({
-  policies: external_exports.record(external_exports.string(), firewallPolicyValueSchema),
-  unknownPolicy: firewallPolicyValueSchema.optional()
-});
-var firewallPoliciesSchema = external_exports.record(
-  external_exports.string(),
-  firewallPolicySchema
-);
-var networkPolicySchema = external_exports.object({
-  allow: external_exports.array(external_exports.string()),
-  deny: external_exports.array(external_exports.string()),
-  ask: external_exports.array(external_exports.string()),
-  unknownPolicy: firewallPolicyValueSchema
-});
-var networkPoliciesSchema = external_exports.record(external_exports.string(), networkPolicySchema);
-var AUTH_SECRET_PATTERN = /\$\{\{\s*secrets\.([a-zA-Z_][a-zA-Z0-9_]*)\s*\}\}/g;
-var AUTH_REFERENCE_PATTERN = /\$\{\{\s*(secrets|vars)\.([a-zA-Z_][a-zA-Z0-9_]*)\s*\}\}/g;
-function isTemplateWhitespace(char) {
-  return char === " " || char === "	" || char === "\n" || char === "\r" || char === "\f" || char === "\v";
-}
-function skipTemplateWhitespace(template, index) {
-  let nextIndex = index;
-  while (nextIndex < template.length && isTemplateWhitespace(template[nextIndex])) {
-    nextIndex += 1;
-  }
-  return nextIndex;
-}
-function isIdentifierStart(char) {
-  const code = char.charCodeAt(0);
-  return char === "_" || code >= 65 && code <= 90 || code >= 97 && code <= 122;
-}
-function isIdentifierPart(char) {
-  const code = char.charCodeAt(0);
-  return isIdentifierStart(char) || code >= 48 && code <= 57;
-}
-function parseTemplateIdentifier(template, index) {
-  if (index >= template.length || !isIdentifierStart(template[index])) {
-    return null;
-  }
-  let nextIndex = index + 1;
-  while (nextIndex < template.length && isIdentifierPart(template[nextIndex])) {
-    nextIndex += 1;
-  }
-  return {
-    value: template.slice(index, nextIndex),
-    index: nextIndex
-  };
-}
-function createBasicAuthTemplateParserContext(template) {
-  const nextQuoteIndexes = new Int32Array(template.length + 1);
-  const nextBackslashIndexes = new Int32Array(template.length + 1);
-  const nextTemplateIndexes = new Int32Array(template.length + 1);
-  let nextQuoteIndex = -1;
-  let nextBackslashIndex = -1;
-  let nextTemplateIndex = -1;
-  nextQuoteIndexes[template.length] = nextQuoteIndex;
-  nextBackslashIndexes[template.length] = nextBackslashIndex;
-  nextTemplateIndexes[template.length] = nextTemplateIndex;
-  for (let index = template.length - 1; index >= 0; index -= 1) {
-    if (template[index] === '"') {
-      nextQuoteIndex = index;
-    }
-    if (template[index] === "\\") {
-      nextBackslashIndex = index;
-    }
-    if (template.startsWith("${{", index)) {
-      nextTemplateIndex = index;
-    }
-    nextQuoteIndexes[index] = nextQuoteIndex;
-    nextBackslashIndexes[index] = nextBackslashIndex;
-    nextTemplateIndexes[index] = nextTemplateIndex;
-  }
-  return { nextQuoteIndexes, nextBackslashIndexes, nextTemplateIndexes };
-}
-function parseBasicAuthTemplateArg(context2, template, index) {
-  let nextIndex = skipTemplateWhitespace(template, index);
-  const char = template[nextIndex];
-  if (char === "," || char === ")") {
-    return { arg: {}, index: nextIndex };
-  }
-  if (char === '"') {
-    const literalStart = nextIndex + 1;
-    const quoteIndex = context2.nextQuoteIndexes[literalStart] ?? -1;
-    if (quoteIndex === -1) {
-      const nestedTemplateStart = context2.nextTemplateIndexes[literalStart] ?? -1;
-      return {
-        arg: null,
-        index: nestedTemplateStart === -1 ? template.length : nestedTemplateStart
-      };
-    }
-    const escapeIndex = context2.nextBackslashIndexes[literalStart] ?? -1;
-    if (escapeIndex !== -1 && escapeIndex < quoteIndex) {
-      const nestedTemplateStart = context2.nextTemplateIndexes[literalStart] ?? -1;
-      return {
-        arg: null,
-        index: nestedTemplateStart !== -1 && nestedTemplateStart < escapeIndex ? nestedTemplateStart : escapeIndex + 1
-      };
-    }
-    return {
-      arg: { literal: template.slice(literalStart, quoteIndex) },
-      index: quoteIndex + 1
-    };
-  }
-  let namespace;
-  if (template.startsWith("secrets.", nextIndex)) {
-    namespace = "secrets";
-    nextIndex += "secrets.".length;
-  } else if (template.startsWith("vars.", nextIndex)) {
-    namespace = "vars";
-    nextIndex += "vars.".length;
-  } else {
-    return { arg: null, index: nextIndex };
-  }
-  const key = parseTemplateIdentifier(template, nextIndex);
-  if (!key) {
-    return { arg: null, index: nextIndex };
-  }
-  return {
-    arg: { namespace, key: key.value },
-    index: key.index
-  };
-}
-function parseBasicAuthTemplateAt(context2, template, start) {
-  let index = start + "${{".length;
-  index = skipTemplateWhitespace(template, index);
-  if (!template.startsWith("basic(", index)) {
-    return { match: null, index: start + "${{".length };
-  }
-  index += "basic(".length;
-  const first = parseBasicAuthTemplateArg(context2, template, index);
-  if (!first.arg) {
-    return { match: null, index: first.index };
-  }
-  index = skipTemplateWhitespace(template, first.index);
-  if (template[index] !== ",") {
-    return { match: null, index: Math.max(index + 1, first.index) };
-  }
-  index += 1;
-  const second = parseBasicAuthTemplateArg(context2, template, index);
-  if (!second.arg) {
-    return { match: null, index: second.index };
-  }
-  index = skipTemplateWhitespace(template, second.index);
-  if (template[index] !== ")") {
-    return { match: null, index: Math.max(index + 1, second.index) };
-  }
-  index += 1;
-  index = skipTemplateWhitespace(template, index);
-  if (!template.startsWith("}}", index)) {
-    return { match: null, index: Math.max(index + 1, second.index) };
-  }
-  const end = index + "}}".length;
-  return {
-    match: {
-      start,
-      end,
-      first: first.arg,
-      second: second.arg
-    },
-    index: end
-  };
-}
-function findNextBasicAuthTemplateStart(template, index) {
-  let basicIndex = template.indexOf("basic(", index);
-  while (basicIndex !== -1) {
-    let contentStart = basicIndex;
-    while (contentStart > index && isTemplateWhitespace(template[contentStart - 1])) {
-      contentStart -= 1;
-    }
-    const start = contentStart - "${{".length;
-    if (start >= index && template.startsWith("${{", start)) {
-      return start;
-    }
-    basicIndex = template.indexOf("basic(", basicIndex + "basic(".length);
-  }
-  return -1;
-}
-function parseBasicAuthTemplates(template) {
-  const matches = [];
-  let start = findNextBasicAuthTemplateStart(template, 0);
-  if (start === -1) {
-    return matches;
-  }
-  const context2 = createBasicAuthTemplateParserContext(template);
-  while (start !== -1) {
-    const parsed = parseBasicAuthTemplateAt(context2, template, start);
-    if (parsed.match) {
-      matches.push(parsed.match);
-      start = findNextBasicAuthTemplateStart(template, parsed.index);
-    } else {
-      start = findNextBasicAuthTemplateStart(
-        template,
-        Math.max(parsed.index, start + "${{".length)
-      );
-    }
-  }
-  return matches;
-}
-function forEachSimpleAuthReference(template, basicMatches, callback) {
-  let basicMatchIndex = 0;
-  for (const match of template.matchAll(AUTH_REFERENCE_PATTERN)) {
-    if (!match[1] || !match[2] || match.index === void 0) {
-      continue;
-    }
-    while (basicMatchIndex < basicMatches.length && basicMatches[basicMatchIndex].end <= match.index) {
-      basicMatchIndex += 1;
-    }
-    const basicMatch = basicMatches[basicMatchIndex];
-    if (basicMatch && match.index >= basicMatch.start && match.index < basicMatch.end) {
-      continue;
-    }
-    callback(match[1], match[2]);
-  }
-}
-function extractSecretNamesFromApis(apis) {
-  const names = /* @__PURE__ */ new Set();
-  for (const entry of apis) {
-    for (const value of Object.values(entry.auth.headers ?? {})) {
-      const basicMatches = parseBasicAuthTemplates(value);
-      forEachSimpleAuthReference(value, basicMatches, (namespace, name) => {
-        if (namespace === "secrets") {
-          names.add(name);
-        }
-      });
-      for (const match of basicMatches) {
-        if (match.first.namespace === "secrets" && match.first.key) {
-          names.add(match.first.key);
-        }
-        if (match.second.namespace === "secrets" && match.second.key) {
-          names.add(match.second.key);
-        }
-      }
-    }
-    if (entry.auth.base) {
-      for (const match of entry.auth.base.matchAll(AUTH_SECRET_PATTERN)) {
-        names.add(match[1]);
-      }
-    }
-    if (entry.auth.query) {
-      for (const value of Object.values(entry.auth.query)) {
-        for (const match of value.matchAll(AUTH_SECRET_PATTERN)) {
-          names.add(match[1]);
-        }
-      }
-    }
-  }
-  return [...names];
-}
-var BASE_URL_VARS_PATTERN = /\$\{\{\s*vars\.([a-zA-Z_][a-zA-Z0-9_]*)\s*\}\}/;
-var BASE_URL_VARS_PATTERN_G = new RegExp(BASE_URL_VARS_PATTERN.source, "g");
-
-// ../../packages/api-contracts/src/contracts/zero-agents.ts
-var c12 = initContract();
+var c13 = initContract();
 var zeroAgentVisibilitySchema = external_exports.enum(["public", "private"]);
 var zeroAgentCustomSkillNameSchema = external_exports.string().min(2).max(64).regex(/^[a-z0-9][a-z0-9-]*[a-z0-9]$/);
 var zeroAgentResponseSchema = external_exports.object({
@@ -95903,7 +96953,7 @@ var zeroAgentInstructionsResponseSchema = external_exports.object({
 var zeroAgentInstructionsRequestSchema = external_exports.object({
   content: external_exports.string()
 });
-var zeroAgentsMainContract = c12.router({
+var zeroAgentsMainContract = c13.router({
   create: {
     method: "POST",
     path: "/api/zero/agents",
@@ -95931,7 +96981,7 @@ var zeroAgentsMainContract = c12.router({
     summary: "List zero agents"
   }
 });
-var zeroAgentsByIdContract = c12.router({
+var zeroAgentsByIdContract = c13.router({
   get: {
     method: "GET",
     path: "/api/zero/agents/:id",
@@ -95984,9 +97034,9 @@ var zeroAgentsByIdContract = c12.router({
     path: "/api/zero/agents/:id",
     headers: authHeadersSchema,
     pathParams: external_exports.object({ id: external_exports.string().uuid() }),
-    body: c12.noBody(),
+    body: c13.noBody(),
     responses: {
-      204: c12.noBody(),
+      204: c13.noBody(),
       400: apiErrorSchema,
       401: apiErrorSchema,
       403: apiErrorSchema,
@@ -96000,7 +97050,7 @@ var zeroAgentPermissionPoliciesRequestSchema = external_exports.object({
   agentId: external_exports.string().uuid(),
   policies: firewallPoliciesSchema
 });
-var zeroAgentPermissionPoliciesContract = c12.router({
+var zeroAgentPermissionPoliciesContract = c13.router({
   update: {
     method: "PUT",
     path: "/api/zero/permission-policies",
@@ -96016,7 +97066,7 @@ var zeroAgentPermissionPoliciesContract = c12.router({
     summary: "Update zero agent permission policies (owner only)"
   }
 });
-var zeroAgentInstructionsContract = c12.router({
+var zeroAgentInstructionsContract = c13.router({
   get: {
     method: "GET",
     path: "/api/zero/agents/:id/instructions",
@@ -96108,7 +97158,7 @@ var zeroAgentSkillContentResponseSchema = external_exports.object({
 var zeroAgentSkillListResponseSchema = external_exports.array(
   zeroAgentCustomSkillSchema
 );
-var zeroSkillsCollectionContract = c12.router({
+var zeroSkillsCollectionContract = c13.router({
   list: {
     method: "GET",
     path: "/api/zero/skills",
@@ -96139,7 +97189,7 @@ var zeroSkillsCollectionContract = c12.router({
     summary: "Create a custom skill in the organization"
   }
 });
-var zeroSkillsDetailContract = c12.router({
+var zeroSkillsDetailContract = c13.router({
   get: {
     method: "GET",
     path: "/api/zero/skills/:name",
@@ -96173,9 +97223,9 @@ var zeroSkillsDetailContract = c12.router({
     path: "/api/zero/skills/:name",
     headers: authHeadersSchema,
     pathParams: external_exports.object({ name: zeroAgentCustomSkillNameSchema }),
-    body: c12.noBody(),
+    body: c13.noBody(),
     responses: {
-      204: c12.noBody(),
+      204: c13.noBody(),
       401: apiErrorSchema,
       403: apiErrorSchema,
       404: apiErrorSchema
@@ -96218,7 +97268,7 @@ var resolvePermissionAccessRequestSchema = external_exports.object({
   requestId: external_exports.string().uuid(),
   action: external_exports.enum(["approve", "reject"])
 });
-var permissionAccessRequestsCreateContract = c12.router({
+var permissionAccessRequestsCreateContract = c13.router({
   create: {
     method: "POST",
     path: "/api/zero/permission-access-requests",
@@ -96239,7 +97289,7 @@ var permissionAccessRequestsListQuerySchema = external_exports.object({
   requestId: external_exports.string().optional(),
   status: external_exports.string().optional()
 });
-var permissionAccessRequestsListContract = c12.router({
+var permissionAccessRequestsListContract = c13.router({
   list: {
     method: "GET",
     path: "/api/zero/permission-access-requests",
@@ -96254,7 +97304,7 @@ var permissionAccessRequestsListContract = c12.router({
     summary: "List permission access requests for an agent"
   }
 });
-var permissionAccessRequestsResolveContract = c12.router({
+var permissionAccessRequestsResolveContract = c13.router({
   resolve: {
     method: "PUT",
     path: "/api/zero/permission-access-requests",
@@ -96273,11 +97323,11 @@ var permissionAccessRequestsResolveContract = c12.router({
 
 // ../../packages/api-contracts/src/contracts/user-connectors.ts
 init_esm_shims();
-var c13 = initContract();
+var c14 = initContract();
 var userConnectorEnabledTypesSchema = external_exports.object({
   enabledTypes: external_exports.array(external_exports.string())
 });
-var zeroUserConnectorsContract = c13.router({
+var zeroUserConnectorsContract = c14.router({
   get: {
     method: "GET",
     path: "/api/zero/agents/:id/user-connectors",
@@ -106391,8 +107441,8 @@ var connectorOauthDeviceAuthSessionPollResponseSchema = external_exports.discrim
 ]);
 
 // ../../packages/api-contracts/src/contracts/zero-connectors.ts
-var c14 = initContract();
-var zeroConnectorsMainContract = c14.router({
+var c15 = initContract();
+var zeroConnectorsMainContract = c15.router({
   list: {
     method: "GET",
     path: "/api/zero/connectors",
@@ -106406,7 +107456,7 @@ var zeroConnectorsMainContract = c14.router({
     summary: "List all connectors (zero proxy)"
   }
 });
-var zeroConnectorsByTypeContract = c14.router({
+var zeroConnectorsByTypeContract = c15.router({
   get: {
     method: "GET",
     path: "/api/zero/connectors/:type",
@@ -106426,14 +107476,14 @@ var zeroConnectorsByTypeContract = c14.router({
     headers: authHeadersSchema,
     pathParams: external_exports.object({ type: connectorTypeSchema }),
     responses: {
-      204: c14.noBody(),
+      204: c15.noBody(),
       401: apiErrorSchema,
       404: apiErrorSchema
     },
     summary: "Disconnect a connector (zero proxy)"
   }
 });
-var zeroConnectorScopeDiffContract = c14.router({
+var zeroConnectorScopeDiffContract = c15.router({
   getScopeDiff: {
     method: "GET",
     path: "/api/zero/connectors/:type/scope-diff",
@@ -106448,7 +107498,7 @@ var zeroConnectorScopeDiffContract = c14.router({
     summary: "Get scope diff for a connector"
   }
 });
-var zeroConnectorAuthorizeContract = c14.router({
+var zeroConnectorAuthorizeContract = c15.router({
   authorize: {
     method: "GET",
     path: "/api/zero/connectors/:type/authorize",
@@ -106456,16 +107506,16 @@ var zeroConnectorAuthorizeContract = c14.router({
     pathParams: external_exports.object({ type: external_exports.string() }),
     query: external_exports.object({ session: external_exports.string().optional() }),
     responses: {
-      307: c14.noBody(),
+      307: c15.noBody(),
       400: external_exports.object({ error: external_exports.string() }),
-      401: c14.noBody(),
+      401: c15.noBody(),
       403: external_exports.object({ error: external_exports.string() }),
       500: external_exports.object({ error: external_exports.string() })
     },
     summary: "Start connector OAuth authorization (zero proxy)"
   }
 });
-var zeroConnectorOauthStartContract = c14.router({
+var zeroConnectorOauthStartContract = c15.router({
   start: {
     method: "POST",
     path: "/api/zero/connectors/:type/oauth/start",
@@ -106482,7 +107532,7 @@ var zeroConnectorOauthStartContract = c14.router({
     summary: "Create connector OAuth handoff and authorization URL"
   }
 });
-var zeroConnectorManualGrantContract = c14.router({
+var zeroConnectorManualGrantContract = c15.router({
   connect: {
     method: "POST",
     path: "/api/zero/connectors/:type/manual-grant",
@@ -106503,7 +107553,7 @@ var zeroConnectorManualGrantContract = c14.router({
     summary: "Connect a connector with a manual grant"
   }
 });
-var zeroConnectorOauthDeviceAuthSessionContract = c14.router({
+var zeroConnectorOauthDeviceAuthSessionContract = c15.router({
   create: {
     method: "POST",
     path: "/api/zero/connectors/:type/oauth/device/sessions",
@@ -106548,7 +107598,7 @@ var connectorSearchItemSchema = external_exports.object({
 var connectorSearchResponseSchema = external_exports.object({
   connectors: external_exports.array(connectorSearchItemSchema)
 });
-var zeroConnectorsSearchContract = c14.router({
+var zeroConnectorsSearchContract = c15.router({
   search: {
     method: "GET",
     path: "/api/zero/connectors/search",
@@ -106562,7 +107612,7 @@ var zeroConnectorsSearchContract = c14.router({
     summary: "Search available connector types"
   }
 });
-var zeroConnectorSessionsContract = c14.router({
+var zeroConnectorSessionsContract = c15.router({
   create: {
     method: "POST",
     path: "/api/zero/connectors/:type/sessions",
@@ -106578,7 +107628,7 @@ var zeroConnectorSessionsContract = c14.router({
     summary: "Create connector session for auth-code handoff"
   }
 });
-var zeroConnectorSessionByIdContract = c14.router({
+var zeroConnectorSessionByIdContract = c15.router({
   get: {
     method: "GET",
     path: "/api/zero/connectors/:type/sessions/:sessionId",
@@ -106666,7 +107716,7 @@ var listQuerySchema = external_exports.object({
   cursor: external_exports.string().optional(),
   limit: external_exports.coerce.number().min(1).max(100).default(20)
 });
-var c15 = initContract();
+var c16 = initContract();
 var logStatusSchema = external_exports.enum([
   "queued",
   "pending",
@@ -106737,7 +107787,7 @@ var logDetailSchema = external_exports.object({
   completedAt: external_exports.string().nullable(),
   artifact: artifactSchema
 });
-var logsListContract = c15.router({
+var logsListContract = c16.router({
   list: {
     method: "GET",
     path: "/api/zero/logs",
@@ -106759,7 +107809,7 @@ var logsListContract = c15.router({
     summary: "List agent run logs with pagination"
   }
 });
-var logsByIdContract = c15.router({
+var logsByIdContract = c16.router({
   getById: {
     method: "GET",
     path: "/api/zero/logs/:id",
@@ -106778,7 +107828,7 @@ var logsByIdContract = c15.router({
 });
 
 // ../../packages/api-contracts/src/contracts/runs.ts
-var c16 = initContract();
+var c17 = initContract();
 var directRunModelProviderTypeSchema = modelProviderTypeSchema.refine(
   (type) => {
     return type !== "vm0";
@@ -106943,7 +107993,7 @@ var runListItemSchema = external_exports.object({
 var runsListResponseSchema = external_exports.object({
   runs: external_exports.array(runListItemSchema)
 });
-var runsMainContract = c16.router({
+var runsMainContract = c17.router({
   /**
    * GET /api/agent/runs
    * List agent runs (pending and running by default)
@@ -106994,7 +108044,7 @@ var runsMainContract = c16.router({
     summary: "Create and execute agent run"
   }
 });
-var runsByIdContract = c16.router({
+var runsByIdContract = c17.router({
   /**
    * GET /api/agent/runs/:id
    * Get agent run status and results
@@ -107020,7 +108070,7 @@ var cancelRunResponseSchema = external_exports.object({
   status: external_exports.literal("cancelled"),
   message: external_exports.string()
 });
-var runsCancelContract = c16.router({
+var runsCancelContract = c17.router({
   /**
    * POST /api/agent/runs/:id/cancel
    * Cancel a pending or running run
@@ -107043,7 +108093,7 @@ var runsCancelContract = c16.router({
     summary: "Cancel a pending or running run"
   }
 });
-var runEventsContract = c16.router({
+var runEventsContract = c17.router({
   /**
    * GET /api/agent/runs/:id/events
    * Poll for agent run events with pagination
@@ -107137,7 +108187,7 @@ var telemetryResponseSchema = external_exports.object({
   systemLog: external_exports.string(),
   metrics: external_exports.array(telemetryMetricSchema)
 });
-var runTelemetryContract = c16.router({
+var runTelemetryContract = c17.router({
   /**
    * GET /api/agent/runs/:id/telemetry
    * Get aggregated telemetry data for a run (legacy combined format)
@@ -107157,7 +108207,7 @@ var runTelemetryContract = c16.router({
     summary: "Get run telemetry data"
   }
 });
-var runSystemLogContract = c16.router({
+var runSystemLogContract = c17.router({
   /**
    * GET /api/agent/runs/:id/telemetry/system-log
    * Get system log with pagination
@@ -107182,7 +108232,7 @@ var runSystemLogContract = c16.router({
     summary: "Get system log with pagination"
   }
 });
-var runMetricsContract = c16.router({
+var runMetricsContract = c17.router({
   /**
    * GET /api/agent/runs/:id/telemetry/metrics
    * Get metrics with pagination
@@ -107207,7 +108257,7 @@ var runMetricsContract = c16.router({
     summary: "Get metrics with pagination"
   }
 });
-var runAgentEventsContract = c16.router({
+var runAgentEventsContract = c17.router({
   /**
    * GET /api/agent/runs/:id/telemetry/agent
    * Get agent events with pagination (for vm0 logs default)
@@ -107232,7 +108282,7 @@ var runAgentEventsContract = c16.router({
     summary: "Get agent events with pagination"
   }
 });
-var runNetworkLogsContract = c16.router({
+var runNetworkLogsContract = c17.router({
   /**
    * GET /api/agent/runs/:id/telemetry/network
    * Get network logs with pagination (for vm0 logs --network)
@@ -107268,7 +108318,7 @@ var logsSearchResponseSchema = external_exports.object({
   results: external_exports.array(searchResultSchema),
   hasMore: external_exports.boolean()
 });
-var logsSearchContract = c16.router({
+var logsSearchContract = c17.router({
   /**
    * GET /api/logs/search
    * Search agent events across runs using keyword matching
@@ -107325,7 +108375,7 @@ var queueResponseSchema = external_exports.object({
   runningTasks: external_exports.array(runningTaskSchema),
   estimatedTimePerRun: external_exports.number().nullable()
 });
-var runsQueueContract = c16.router({
+var runsQueueContract = c17.router({
   /**
    * GET /api/agent/runs/queue
    * Get org run queue status including concurrency context and queued entries
@@ -107346,233 +108396,6 @@ var runsQueueContract = c16.router({
 // ../../packages/api-contracts/src/contracts/webhooks.ts
 init_esm_shims();
 
-// ../../packages/api-contracts/src/contracts/runners.ts
-init_esm_shims();
-var c17 = initContract();
-var MIN_EPOCH_MS_TIMESTAMP = 1e12;
-var apiStartTimeSchema = external_exports.number().int().min(MIN_EPOCH_MS_TIMESTAMP);
-var runnerGroupSchema = external_exports.string().regex(
-  /^[a-z0-9-]+\/[a-z0-9-]+$/,
-  "Runner group must be in vm0/<name> format (e.g., vm0/production)"
-);
-var jobSchema = external_exports.object({
-  runId: external_exports.uuid(),
-  prompt: external_exports.string(),
-  appendSystemPrompt: external_exports.string().nullable(),
-  agentComposeVersionId: external_exports.string().nullable(),
-  vars: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
-  checkpointId: external_exports.uuid().nullable(),
-  experimentalProfile: external_exports.string().optional()
-});
-var heldSessionStateSchema = external_exports.object({
-  sessionId: external_exports.string(),
-  lastCompletedAt: external_exports.string().datetime({ offset: true })
-});
-var runnersPollContract = c17.router({
-  poll: {
-    method: "POST",
-    path: "/api/runners/poll",
-    headers: authHeadersSchema,
-    body: external_exports.object({
-      group: runnerGroupSchema,
-      profiles: external_exports.array(external_exports.string()).optional(),
-      heldSessionStates: external_exports.array(heldSessionStateSchema).max(100).optional()
-    }),
-    responses: {
-      200: external_exports.object({
-        job: jobSchema.nullable()
-      }),
-      400: apiErrorSchema,
-      401: apiErrorSchema,
-      500: apiErrorSchema
-    },
-    summary: "Poll for pending jobs (long-polling with 30s timeout)"
-  }
-});
-var storageEntrySchema = external_exports.object({
-  name: external_exports.string(),
-  mountPath: external_exports.string(),
-  vasStorageName: external_exports.string(),
-  vasVersionId: external_exports.string(),
-  instructionsTargetFilename: external_exports.string().optional(),
-  archiveUrl: external_exports.string()
-});
-var artifactEntrySchema = external_exports.object({
-  mountPath: external_exports.string(),
-  vasStorageName: external_exports.string(),
-  vasStorageId: external_exports.string(),
-  vasVersionId: external_exports.string(),
-  archiveUrl: external_exports.string(),
-  manifestUrl: external_exports.string().optional()
-});
-var storageManifestSchema = external_exports.object({
-  storages: external_exports.array(storageEntrySchema),
-  artifacts: external_exports.array(artifactEntrySchema)
-});
-var resumeSessionSchema = external_exports.object({
-  sessionId: external_exports.string(),
-  sessionHistory: external_exports.string()
-});
-var secretConnectorMetadataSchema = external_exports.object({
-  sourceType: external_exports.enum(["connector", "model-provider"]),
-  sourceUserId: external_exports.string().optional(),
-  metadataKey: external_exports.string().optional()
-});
-var secretConnectorMetadataMapSchema = external_exports.record(
-  external_exports.string(),
-  secretConnectorMetadataSchema
-);
-var storedExecutionContextSchema = external_exports.object({
-  workingDir: external_exports.string(),
-  storageManifest: storageManifestSchema.nullable(),
-  environment: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
-  resumeSession: resumeSessionSchema.nullable(),
-  // AES-256-GCM encrypted Record<string, string>. Keys are the runtime secret
-  // names used by `${{ secrets.NAME }}`; connector/model-provider keys are env
-  // aliases, not backing storage secret names.
-  encryptedSecrets: external_exports.string().nullable(),
-  // Maps firewall auth secret env aliases (the `NAME` in `${{ secrets.NAME }}`) to
-  // their connector or provider owner. Keys are env aliases, not storage secret names.
-  secretConnectorMap: external_exports.record(external_exports.string(), external_exports.string()).nullable().optional(),
-  // Same keys as secretConnectorMap; adds source details when the owner alone
-  // is not enough to locate access storage (for example, personal model providers).
-  secretConnectorMetadataMap: secretConnectorMetadataMapSchema.nullable().optional(),
-  cliAgentType: external_exports.string(),
-  // Debug flag to force real Claude in mock environments (internal use only)
-  debugNoMockClaude: external_exports.boolean().optional(),
-  // Debug flag to force real Codex in mock environments (internal use only)
-  debugNoMockCodex: external_exports.boolean().optional(),
-  // Capture HTTP request headers, request bodies, and response bodies in network logs
-  captureNetworkBodies: external_exports.boolean().optional(),
-  // Dispatch timestamp for E2E timing metrics, as Unix epoch milliseconds
-  apiStartTime: apiStartTimeSchema.optional(),
-  // User's timezone preference (IANA format, e.g., "Asia/Shanghai")
-  userTimezone: external_exports.string().optional(),
-  // Firewall for proxy-side token replacement (complete config, all permissions)
-  firewalls: firewallsSchema.optional(),
-  // Per-firewall network policies: which permissions are granted + unknownPolicy
-  networkPolicies: networkPoliciesSchema.optional(),
-  // Tools to disable in Claude CLI (passed as --disallowed-tools)
-  disallowedTools: external_exports.array(external_exports.string()).optional(),
-  // Tools to make available in Claude CLI (passed as --tools)
-  tools: external_exports.array(external_exports.string()).optional(),
-  // Settings JSON to pass to Claude CLI (passed as --settings)
-  settings: external_exports.string().optional(),
-  // VM profile for resource allocation (e.g., "vm0/default")
-  experimentalProfile: external_exports.string().optional(),
-  // Feature flags evaluated at job creation time (all switch states for user/org)
-  featureFlags: external_exports.record(external_exports.string(), external_exports.boolean()).optional(),
-  billableFirewalls: external_exports.array(external_exports.string()).optional(),
-  modelUsageProvider: external_exports.string().optional()
-});
-var executionContextSchema = external_exports.object({
-  runId: external_exports.uuid(),
-  prompt: external_exports.string(),
-  appendSystemPrompt: external_exports.string().nullable(),
-  agentComposeVersionId: external_exports.string().nullable(),
-  vars: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
-  checkpointId: external_exports.uuid().nullable(),
-  sandboxToken: external_exports.string(),
-  // New fields for E2B parity:
-  workingDir: external_exports.string(),
-  storageManifest: storageManifestSchema.nullable(),
-  environment: external_exports.record(external_exports.string(), external_exports.string()).nullable(),
-  resumeSession: resumeSessionSchema.nullable(),
-  // Plain secret values used by the runner for redaction. These are values, not
-  // names, and are base64-encoded only when exported through VM0_SECRET_VALUES.
-  secretValues: external_exports.array(external_exports.string()).nullable(),
-  // AES-256-GCM encrypted Record<string, string>, passed through to mitm-addon
-  // for auth resolution. Keys are runtime secret names used by
-  // `${{ secrets.NAME }}`; connector/model-provider keys are env aliases, not
-  // backing storage secret names.
-  encryptedSecrets: external_exports.string().nullable(),
-  // Maps firewall auth secret env aliases (the `NAME` in `${{ secrets.NAME }}`) to
-  // their connector or provider owner. Keys are env aliases, not storage secret names.
-  secretConnectorMap: external_exports.record(external_exports.string(), external_exports.string()).nullable().optional(),
-  // Same keys as secretConnectorMap; adds source details when the owner alone
-  // is not enough to locate access storage (for example, personal model providers).
-  secretConnectorMetadataMap: secretConnectorMetadataMapSchema.nullable().optional(),
-  cliAgentType: external_exports.string(),
-  // Debug flag to force real Claude in mock environments (internal use only)
-  debugNoMockClaude: external_exports.boolean().optional(),
-  // Debug flag to force real Codex in mock environments (internal use only)
-  debugNoMockCodex: external_exports.boolean().optional(),
-  // Capture HTTP request headers, request bodies, and response bodies in network logs
-  captureNetworkBodies: external_exports.boolean().optional(),
-  // Dispatch timestamp for E2E timing metrics, as Unix epoch milliseconds
-  apiStartTime: apiStartTimeSchema.optional(),
-  // User's timezone preference (IANA format, e.g., "Asia/Shanghai")
-  userTimezone: external_exports.string().optional(),
-  // Firewall for proxy-side token replacement (complete config, all permissions)
-  firewalls: firewallsSchema.optional(),
-  // Per-firewall network policies: which permissions are granted + unknownPolicy
-  networkPolicies: networkPoliciesSchema.optional(),
-  // Tools to disable in Claude CLI (passed as --disallowed-tools)
-  disallowedTools: external_exports.array(external_exports.string()).optional(),
-  // Tools to make available in Claude CLI (passed as --tools)
-  tools: external_exports.array(external_exports.string()).optional(),
-  // Settings JSON to pass to Claude CLI (passed as --settings)
-  settings: external_exports.string().optional(),
-  // VM profile for resource allocation (e.g., "vm0/default")
-  experimentalProfile: external_exports.string().optional(),
-  // Feature flags evaluated at job creation time (all switch states for user/org)
-  featureFlags: external_exports.record(external_exports.string(), external_exports.boolean()).optional(),
-  billableFirewalls: external_exports.array(external_exports.string()).optional(),
-  modelUsageProvider: external_exports.string().optional()
-});
-var runnersJobClaimContract = c17.router({
-  claim: {
-    method: "POST",
-    path: "/api/runners/jobs/:id/claim",
-    headers: authHeadersSchema,
-    pathParams: external_exports.object({
-      id: external_exports.uuid()
-    }),
-    body: external_exports.object({}),
-    responses: {
-      200: executionContextSchema,
-      400: apiErrorSchema,
-      401: apiErrorSchema,
-      403: apiErrorSchema,
-      // Job does not belong to user
-      404: apiErrorSchema,
-      409: apiErrorSchema,
-      // Already claimed
-      500: apiErrorSchema
-    },
-    summary: "Claim a pending job for execution"
-  }
-});
-var heartbeatBodySchema = external_exports.object({
-  runnerId: external_exports.uuid(),
-  runnerName: external_exports.string(),
-  group: runnerGroupSchema,
-  profiles: external_exports.array(external_exports.string()),
-  totalVcpu: external_exports.number().int().nonnegative(),
-  totalMemoryMb: external_exports.number().int().nonnegative(),
-  maxConcurrent: external_exports.number().int().nonnegative(),
-  allocatedVcpu: external_exports.number().int().nonnegative(),
-  allocatedMemoryMb: external_exports.number().int().nonnegative(),
-  runningCount: external_exports.number().int().nonnegative(),
-  heldSessionStates: external_exports.array(heldSessionStateSchema),
-  mode: external_exports.enum(["running", "draining", "stopping"])
-});
-var runnersHeartbeatContract = c17.router({
-  heartbeat: {
-    method: "POST",
-    path: "/api/runners/heartbeat",
-    headers: authHeadersSchema,
-    body: heartbeatBodySchema,
-    responses: {
-      200: external_exports.object({ ok: external_exports.literal(true) }),
-      400: apiErrorSchema,
-      401: apiErrorSchema,
-      500: apiErrorSchema
-    },
-    summary: "Report runner heartbeat with capacity and state"
-  }
-});
-
 // ../../packages/api-contracts/src/contracts/storages.ts
 init_esm_shims();
 var c18 = initContract();
@@ -109038,6 +109861,7 @@ var chatMessagesContract = c21.router({
       402: apiErrorSchema,
       403: apiErrorSchema,
       404: apiErrorSchema,
+      409: apiErrorSchema,
       422: apiErrorSchema
     },
     summary: "Send a chat message (create thread + run + association)"
@@ -128617,18 +129441,524 @@ var MAX_RESPONSE_SIZE = 128 * 1024;
 
 // ../../packages/connectors/src/firewall-rule-matcher.ts
 init_esm_shims();
+var VALID_RULE_METHODS = /* @__PURE__ */ new Set([
+  "GET",
+  "POST",
+  "PUT",
+  "PATCH",
+  "DELETE",
+  "HEAD",
+  "OPTIONS",
+  "ANY"
+]);
+var FORBIDDEN_RUNTIME_HOST_CHARS = new Set("#%,/<>?@\\^|{}".split(""));
+var FORBIDDEN_BASE_PATTERN_HOST_CHARS = new Set("#%,/<>?@\\^|".split(""));
+var PERCENT_ESCAPE_LENGTH = 3;
+var HEX_DIGITS = new Set("0123456789abcdefABCDEF".split(""));
+var PATH_SCORE_MULTIPLIER = 1e6;
+var AUTHORITY_SCORE_MULTIPLIER = 100;
+var LITERAL_SEGMENT_SCORE = 1e3;
+var MIXED_PARAM_SEGMENT_SCORE = 100;
+var PLAIN_PARAM_SEGMENT_SCORE = 10;
+var PLUS_GREEDY_SEGMENT_SCORE = 1;
+var ROOT_PATH_SCORE = 1;
+var STATIC_BASE_SCORE_BONUS = 1;
+var PERCENT_DECODED_AUTHORITY_SYNTAX_CHARS = /* @__PURE__ */ new Set([
+  "{",
+  "}",
+  ".",
+  "\u3002",
+  "\uFF0E",
+  "\uFF61",
+  ":"
+]);
 function matchMixedSegment(runtime, prefix, suffix) {
   if (!runtime.startsWith(prefix)) return null;
   if (!runtime.endsWith(suffix)) return null;
   if (runtime.length <= prefix.length + suffix.length) return null;
   return runtime.slice(prefix.length, runtime.length - suffix.length);
 }
+function hasNonEmptySegment(segments, start) {
+  for (let i = start; i < segments.length; i++) {
+    if (segments[i] !== "") return true;
+  }
+  return false;
+}
+function codePointLength(value) {
+  return [...value].length;
+}
+function hasUnsafeRuntimeUrlSyntax(value) {
+  return hasUnsafeUrlCodepoint(value) || hasRawWhitespace(value) || value.includes("\\") || !value.includes("://");
+}
+function stripTrailingSlash(value) {
+  return value.endsWith("/") ? value.slice(0, -1) : value;
+}
+function isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix) {
+  return patternIndex !== lastPatternIndex || prefix !== "" || suffix !== "";
+}
+function pathSpecificity(pattern) {
+  if (!pattern.startsWith("/") || pattern.includes("?") || pattern.includes("#") || pattern.includes("\\") || hasRawWhitespace(pattern) || hasUnsafeUrlCodepoint(pattern)) {
+    return null;
+  }
+  let literalSegments = 0;
+  let mixedParamSegments = 0;
+  let plainParamSegments = 0;
+  let plusGreedySegments = 0;
+  let starGreedySegments = 0;
+  let literalChars = 0;
+  const segments = splitPathSegments(pattern);
+  const paramNames = /* @__PURE__ */ new Set();
+  const lastSegmentIndex = segments.length - 1;
+  for (let index = 0; index < segments.length; index += 1) {
+    const seg = segments[index];
+    const parsed = parseSegment(seg);
+    if (parsed.kind === "error") return null;
+    if (parsed.kind === "literal") {
+      literalSegments += 1;
+      literalChars += codePointLength(parsed.value);
+      continue;
+    }
+    if (paramNames.has(parsed.name)) return null;
+    paramNames.add(parsed.name);
+    if (parsed.greedy !== "" && isInvalidGreedyParam(
+      index,
+      lastSegmentIndex,
+      parsed.prefix,
+      parsed.suffix
+    )) {
+      return null;
+    }
+    literalChars += codePointLength(parsed.prefix) + codePointLength(parsed.suffix);
+    if (parsed.prefix !== "" || parsed.suffix !== "") {
+      mixedParamSegments += 1;
+    } else if (parsed.greedy === "+") {
+      plusGreedySegments += 1;
+    } else if (parsed.greedy === "*") {
+      starGreedySegments += 1;
+    } else {
+      plainParamSegments += 1;
+    }
+  }
+  return [
+    literalSegments,
+    mixedParamSegments,
+    plainParamSegments,
+    plusGreedySegments,
+    -starGreedySegments,
+    literalChars,
+    segments.length
+  ];
+}
+function comparePathSpecificity(left, right) {
+  for (let i = 0; i < left.length; i++) {
+    const difference = left[i] - right[i];
+    if (difference !== 0) return difference;
+  }
+  return 0;
+}
+function matchingRulePath(rule, upperMethod) {
+  const spaceIdx = rule.indexOf(" ");
+  if (spaceIdx === -1) return null;
+  const ruleMethod = rule.slice(0, spaceIdx);
+  if (!VALID_RULE_METHODS.has(ruleMethod)) return null;
+  if (ruleMethod !== "ANY" && ruleMethod !== upperMethod) return null;
+  return rule.slice(spaceIdx + 1);
+}
+function isValidPermissionName(permissionName) {
+  return permissionName !== "" && permissionName !== "all";
+}
+function isObjectRecord(value) {
+  if (typeof value !== "object" || value === null || Array.isArray(value)) {
+    return false;
+  }
+  const prototype = Object.getPrototypeOf(value);
+  return prototype === Object.prototype || prototype === null;
+}
+function isStringRecord(value) {
+  if (!isObjectRecord(value)) return false;
+  return Object.values(value).every((entry) => {
+    return typeof entry === "string";
+  });
+}
+function isValidAuthConfig(auth, serviceName2) {
+  if (!isObjectRecord(auth)) return false;
+  if (auth.headers !== void 0 && !isStringRecord(auth.headers)) return false;
+  if (auth.base !== void 0) {
+    if (typeof auth.base !== "string") return false;
+    validateAuthBaseUrl(auth.base, serviceName2);
+  }
+  return auth.query === void 0 || isStringRecord(auth.query);
+}
+function isValidApiEntry(api, serviceName2) {
+  if (!isObjectRecord(api)) return false;
+  if (typeof api.base !== "string") return false;
+  try {
+    validateBaseUrl(api.base, serviceName2);
+    if (!isValidAuthConfig(api.auth, serviceName2)) return false;
+  } catch {
+    return false;
+  }
+  return true;
+}
+function getPermissionName(permission) {
+  if (!isObjectRecord(permission)) return null;
+  if (typeof permission.name !== "string") return null;
+  if (!isValidPermissionName(permission.name)) return null;
+  return permission.name;
+}
+function getPermissionRules(permission) {
+  if (!isObjectRecord(permission)) return [];
+  if (!Array.isArray(permission.rules)) return [];
+  const rules = permission.rules.filter((rule) => {
+    return typeof rule === "string";
+  });
+  return rules;
+}
+function getApiPermissionsForMatch(api, serviceName2, apiBase) {
+  if (!isValidApiEntry(api, serviceName2)) return null;
+  if (apiBase !== null && stripTrailingSlash(api.base) !== apiBase) return null;
+  if (api.permissions === void 0) return null;
+  if (!Array.isArray(api.permissions)) return null;
+  return api.permissions;
+}
+function recordPermissionMatch(state, permission, specificity) {
+  if (state.bestSpecificity === null || comparePathSpecificity(specificity, state.bestSpecificity) > 0) {
+    state.bestSpecificity = specificity;
+    state.matched.length = 0;
+  }
+  if (comparePathSpecificity(specificity, state.bestSpecificity) === 0 && !state.matched.includes(permission)) {
+    state.matched.push(permission);
+  }
+}
+function relativePathFromSegments(segments, consumed) {
+  const rest = segments.slice(consumed).join("/");
+  return rest === "" ? "/" : `/${rest}`;
+}
+function stripUrlQueryAndFragment2(url2) {
+  const queryIndex = url2.indexOf("?");
+  const fragmentIndex = url2.indexOf("#");
+  let end = url2.length;
+  if (queryIndex !== -1) end = Math.min(end, queryIndex);
+  if (fragmentIndex !== -1) end = Math.min(end, fragmentIndex);
+  return url2.slice(0, end);
+}
+function rawPathFromUrl(url2) {
+  const urlWithoutQuery = stripUrlQueryAndFragment2(url2);
+  const schemeEnd = urlWithoutQuery.indexOf("://");
+  const authorityStart = schemeEnd === -1 ? 0 : schemeEnd + 3;
+  const pathStart = urlWithoutQuery.indexOf("/", authorityStart);
+  return pathStart === -1 ? "/" : urlWithoutQuery.slice(pathStart);
+}
+function rawBasePathFromUrl(url2) {
+  const urlWithoutQuery = stripUrlQueryAndFragment2(url2);
+  const schemeEnd = urlWithoutQuery.indexOf("://");
+  const authorityStart = schemeEnd === -1 ? 0 : schemeEnd + 3;
+  const pathStart = urlWithoutQuery.indexOf("/", authorityStart);
+  return pathStart === -1 ? "" : urlWithoutQuery.slice(pathStart);
+}
+function rawAuthorityFromUrl(url2) {
+  const urlWithoutQuery = stripUrlQueryAndFragment2(url2);
+  const schemeEnd = urlWithoutQuery.indexOf("://");
+  if (schemeEnd === -1) return null;
+  const authorityStart = schemeEnd + 3;
+  const pathStart = urlWithoutQuery.indexOf("/", authorityStart);
+  const authority = pathStart === -1 ? urlWithoutQuery.slice(authorityStart) : urlWithoutQuery.slice(authorityStart, pathStart);
+  return authority === "" ? null : authority;
+}
+function hasNonAscii(value) {
+  for (let index = 0; index < value.length; index += 1) {
+    if (value.charCodeAt(index) > 127) return true;
+  }
+  return false;
+}
+function rawHostFromAuthority2(authority) {
+  const withoutUserinfo = authority.slice(authority.lastIndexOf("@") + 1);
+  if (withoutUserinfo.startsWith("[")) {
+    const closeBracket = withoutUserinfo.indexOf("]");
+    return closeBracket === -1 ? withoutUserinfo : withoutUserinfo.slice(0, closeBracket + 1);
+  }
+  const portSeparator = withoutUserinfo.lastIndexOf(":");
+  return portSeparator === -1 ? withoutUserinfo : withoutUserinfo.slice(0, portSeparator);
+}
+function rawAuthorityHostStartsWithDigit(authority) {
+  const firstChar = rawHostFromAuthority2(authority)[0];
+  return firstChar !== void 0 && firstChar >= "0" && firstChar <= "9";
+}
+function runtimeAuthorityOriginForHostValidation(url2) {
+  const authority = rawAuthorityFromUrl(url2);
+  if (authority === null) return null;
+  if (!authority.includes("%") && !hasNonAscii(authority) && !rawAuthorityHostStartsWithDigit(authority)) {
+    return null;
+  }
+  const schemeEnd = url2.indexOf("://");
+  if (schemeEnd === -1) return null;
+  return `${url2.slice(0, schemeEnd)}://${authority}`;
+}
+function hasPercentEncodedAuthoritySyntax(value) {
+  let index = value.indexOf("%");
+  while (index !== -1) {
+    let runEnd = index;
+    while (runEnd < value.length && value[runEnd] === "%") {
+      const firstHexDigit = value[runEnd + 1];
+      const secondHexDigit = value[runEnd + 2];
+      if (!firstHexDigit || !secondHexDigit || !HEX_DIGITS.has(firstHexDigit) || !HEX_DIGITS.has(secondHexDigit)) {
+        return true;
+      }
+      runEnd += PERCENT_ESCAPE_LENGTH;
+    }
+    let decodedRun;
+    try {
+      decodedRun = decodeURIComponent(value.slice(index, runEnd));
+    } catch {
+      return true;
+    }
+    for (const char of decodedRun) {
+      if (PERCENT_DECODED_AUTHORITY_SYNTAX_CHARS.has(char)) {
+        return true;
+      }
+    }
+    index = value.indexOf("%", runEnd);
+  }
+  return false;
+}
+function hasMalformedRuntimeAuthoritySyntax(url2) {
+  const authority = rawAuthorityFromUrl(url2);
+  if (authority === null) return false;
+  return authority.includes("\\") || hasPercentEncodedAuthoritySyntax(authority);
+}
+function scoreLiteralSegment(segment2) {
+  return LITERAL_SEGMENT_SCORE + codePointLength(segment2);
+}
+function scorePatternSegment(segment2, allowParams) {
+  if (!allowParams) return scoreLiteralSegment(segment2);
+  const parsed = parseSegment(segment2);
+  if (parsed.kind === "error") return 0;
+  if (parsed.kind === "literal") {
+    return scoreLiteralSegment(parsed.value);
+  }
+  const literalChars = codePointLength(parsed.prefix) + codePointLength(parsed.suffix);
+  if (parsed.prefix !== "" || parsed.suffix !== "") {
+    return MIXED_PARAM_SEGMENT_SCORE + literalChars;
+  }
+  if (parsed.greedy === "+") return PLUS_GREEDY_SEGMENT_SCORE;
+  if (parsed.greedy === "*") return 0;
+  return PLAIN_PARAM_SEGMENT_SCORE;
+}
+function scorePatternSegments(segments, allowParams) {
+  return segments.reduce((score, segment2) => {
+    return score + scorePatternSegment(segment2, allowParams);
+  }, 0);
+}
+function scorePathPattern(path3, allowParams) {
+  if (path3 === "") return 0;
+  if (path3 === "/") return ROOT_PATH_SCORE;
+  return scorePatternSegments(splitPathSegments(path3), allowParams);
+}
+function splitAuthoritySegments(authority) {
+  if (authority.startsWith("[")) return [authority];
+  const normalized = authority.endsWith(".") ? authority.slice(0, -1) : authority;
+  return normalized === "" ? [] : normalized.split(".");
+}
+function baseUrlSpecificityScore(rawBase, hasParams) {
+  const baseForMatch = stripTrailingSlash(rawBase);
+  const authorityScore = scorePatternSegments(
+    splitAuthoritySegments(rawAuthorityFromUrl(baseForMatch) ?? ""),
+    hasParams
+  );
+  const pathScore = scorePathPattern(
+    rawBasePathFromUrl(baseForMatch),
+    hasParams
+  );
+  return pathScore * PATH_SCORE_MULTIPLIER + authorityScore * AUTHORITY_SCORE_MULTIPLIER + (hasParams ? 0 : STATIC_BASE_SCORE_BONUS);
+}
+function matchStaticBasePathPrefix(path3, pattern) {
+  if (pattern === "") {
+    return path3 === "" ? "/" : path3;
+  }
+  if (pattern === "/") {
+    if (!path3.startsWith(pattern)) return null;
+    const relativePath2 = path3.slice(pattern.length);
+    if (relativePath2 !== "" && !relativePath2.startsWith("/")) return null;
+    return relativePath2 === "" ? "/" : relativePath2;
+  }
+  if (!path3.startsWith(pattern)) return null;
+  const relativePath = path3.slice(pattern.length);
+  if (relativePath !== "" && !relativePath.startsWith("/")) return null;
+  return relativePath === "" ? "/" : relativePath;
+}
+function normalizeUrlHostname(hostname4, options = {}) {
+  let normalized = hostname4.toLowerCase();
+  if (normalized.endsWith(".")) {
+    normalized = normalized.slice(0, -1);
+    if (normalized === "" || normalized.endsWith(".")) {
+      return null;
+    }
+  }
+  if (normalized.split(".").some((label) => {
+    return label === "";
+  })) {
+    return null;
+  }
+  const forbiddenChars = options.allowHostParams === true ? FORBIDDEN_BASE_PATTERN_HOST_CHARS : FORBIDDEN_RUNTIME_HOST_CHARS;
+  if (!normalized.startsWith("[") && [...normalized].some((char) => {
+    return forbiddenChars.has(char);
+  })) {
+    return null;
+  }
+  return normalized;
+}
+function normalizedUrlAuthority(parsed, options = {}) {
+  if (parsed.username !== "" || parsed.password !== "") {
+    return null;
+  }
+  const hostname4 = normalizeUrlHostname(parsed.hostname, options);
+  if (hostname4 === null || hostname4 === "") {
+    return null;
+  }
+  return parsed.port === "" ? hostname4 : `${hostname4}:${parsed.port}`;
+}
+function matchStaticFirewallBaseUrl(url2, rawBase) {
+  const parsedUrl = new URL(url2);
+  const parsedBase = new URL(rawBase);
+  if (parsedUrl.protocol.toLowerCase() !== parsedBase.protocol.toLowerCase()) {
+    return null;
+  }
+  const baseHasParams = hasBaseUrlParams(rawBase);
+  const baseForMatch = stripTrailingSlash(rawBase);
+  const urlAuthority = normalizedUrlAuthority(parsedUrl);
+  const baseAuthority = normalizedUrlAuthority(parsedBase, {
+    allowHostParams: baseHasParams
+  });
+  if (urlAuthority === null || baseAuthority === null) return null;
+  if (baseHasParams) {
+    if (matchFirewallHost(urlAuthority, baseAuthority) === null) return null;
+  } else if (urlAuthority !== baseAuthority) {
+    return null;
+  }
+  const basePath = rawBasePathFromUrl(baseForMatch);
+  const relativePath = baseHasParams ? matchFirewallPathPrefix(rawPathFromUrl(url2), basePath) : matchStaticBasePathPrefix(rawPathFromUrl(url2), basePath);
+  if (relativePath === null) return null;
+  const displayBase = stripTrailingSlash(rawBase);
+  return {
+    displayBase,
+    relativePath,
+    score: baseUrlSpecificityScore(rawBase, baseHasParams)
+  };
+}
+function matchFirewallBaseUrl(url2, rawBase) {
+  if (hasUnsafeRuntimeUrlSyntax(url2) || hasMalformedRuntimeAuthoritySyntax(url2)) {
+    return null;
+  }
+  const runtimeAuthorityOrigin = runtimeAuthorityOriginForHostValidation(url2);
+  try {
+    if (runtimeAuthorityOrigin !== null) {
+      validateBaseUrl(runtimeAuthorityOrigin, "runtime");
+    }
+    validateBaseUrl(rawBase, "firewall");
+    return matchStaticFirewallBaseUrl(url2, rawBase);
+  } catch {
+    return null;
+  }
+}
+function matchFirewallHost(host, pattern) {
+  const hostSegsOrig = host.split(".");
+  const hostSegsLower = hostSegsOrig.map((segment2) => {
+    return segment2.toLowerCase();
+  });
+  const patternSegs = pattern.split(".").reverse();
+  hostSegsOrig.reverse();
+  hostSegsLower.reverse();
+  const params = {};
+  let hi = 0;
+  const lastPatternIndex = patternSegs.length - 1;
+  for (let patternIndex = 0; patternIndex < patternSegs.length; patternIndex++) {
+    const seg = patternSegs[patternIndex];
+    const parsed = parseSegment(seg);
+    if (parsed.kind === "error") return null;
+    if (parsed.kind === "literal") {
+      if (hi >= hostSegsLower.length || hostSegsLower[hi] !== parsed.value.toLowerCase()) {
+        return null;
+      }
+      hi += 1;
+      continue;
+    }
+    const { name, prefix, suffix, greedy } = parsed;
+    if (greedy === "+") {
+      if (isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix))
+        return null;
+      if (hi >= hostSegsOrig.length) return null;
+      params[name] = hostSegsOrig.slice(hi).reverse().join(".");
+      return params;
+    }
+    if (greedy === "*") {
+      if (isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix))
+        return null;
+      params[name] = hostSegsOrig.slice(hi).reverse().join(".");
+      return params;
+    }
+    if (hi >= hostSegsOrig.length) return null;
+    if (prefix === "" && suffix === "") {
+      params[name] = hostSegsLower[hi];
+    } else {
+      const captured = matchMixedSegment(
+        hostSegsLower[hi],
+        prefix.toLowerCase(),
+        suffix.toLowerCase()
+      );
+      if (captured === null) return null;
+      params[name] = captured;
+    }
+    hi += 1;
+  }
+  return hi === hostSegsOrig.length ? params : null;
+}
+function matchFirewallPathPrefix(path3, pattern) {
+  const pathSegs = splitPathSegments(path3);
+  const patternSegs = splitPathSegments(pattern);
+  let pi = 0;
+  const lastPatternIndex = patternSegs.length - 1;
+  for (let patternIndex = 0; patternIndex < patternSegs.length; patternIndex++) {
+    const seg = patternSegs[patternIndex];
+    const parsed = parseSegment(seg);
+    if (parsed.kind === "error") return null;
+    if (parsed.kind === "literal") {
+      if (pi >= pathSegs.length || pathSegs[pi] !== parsed.value) return null;
+      pi += 1;
+      continue;
+    }
+    const { prefix, suffix, greedy } = parsed;
+    if (greedy === "+") {
+      if (isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix))
+        return null;
+      if (pi >= pathSegs.length || !hasNonEmptySegment(pathSegs, pi)) {
+        return null;
+      }
+      return "/";
+    }
+    if (greedy === "*") {
+      if (isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix))
+        return null;
+      return "/";
+    }
+    if (pi >= pathSegs.length) return null;
+    const runtime = pathSegs[pi];
+    if (prefix === "" && suffix === "") {
+      if (runtime === "") return null;
+    } else if (matchMixedSegment(runtime, prefix, suffix) === null) {
+      return null;
+    }
+    pi += 1;
+  }
+  return relativePathFromSegments(pathSegs, pi);
+}
 function matchFirewallPath(path3, pattern) {
-  const pathSegs = path3.split("/").filter(Boolean);
-  const patternSegs = pattern.split("/").filter(Boolean);
+  const pathSegs = splitPathSegments(path3);
+  const patternSegs = splitPathSegments(pattern);
   const params = {};
   let pi = 0;
-  for (const seg of patternSegs) {
+  const lastPatternIndex = patternSegs.length - 1;
+  for (let patternIndex = 0; patternIndex < patternSegs.length; patternIndex++) {
+    const seg = patternSegs[patternIndex];
     const parsed = parseSegment(seg);
     if (parsed.kind === "error") return null;
     if (parsed.kind === "literal") {
@@ -128638,17 +129968,24 @@ function matchFirewallPath(path3, pattern) {
     }
     const { name, prefix, suffix, greedy } = parsed;
     if (greedy === "+") {
-      if (pi >= pathSegs.length) return null;
+      if (isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix))
+        return null;
+      if (pi >= pathSegs.length || !hasNonEmptySegment(pathSegs, pi)) {
+        return null;
+      }
       params[name] = pathSegs.slice(pi).join("/");
       return params;
     }
     if (greedy === "*") {
+      if (isInvalidGreedyParam(patternIndex, lastPatternIndex, prefix, suffix))
+        return null;
       params[name] = pathSegs.slice(pi).join("/");
       return params;
     }
     if (pi >= pathSegs.length) return null;
     const runtime = pathSegs[pi];
     if (prefix === "" && suffix === "") {
+      if (runtime === "") return null;
       params[name] = runtime;
     } else {
       const captured = matchMixedSegment(runtime, prefix, suffix);
@@ -128660,27 +129997,40 @@ function matchFirewallPath(path3, pattern) {
   if (pi !== pathSegs.length) return null;
   return params;
 }
-function findMatchingPermissions(method, path3, config4) {
+function findMatchingPermissions(method, path3, config4, options = {}) {
+  if (!isObjectRecord(config4)) return [];
+  if (typeof config4.name !== "string" || config4.name === "") return [];
+  if (!Array.isArray(config4.apis)) return [];
   const upperMethod = method.toUpperCase();
-  const matched = /* @__PURE__ */ new Set();
+  const apiBase = options.apiBase === void 0 ? null : stripTrailingSlash(options.apiBase);
+  const matched = [];
   for (const api of config4.apis) {
-    if (!api.permissions) continue;
-    for (const perm of api.permissions) {
-      if (matched.has(perm.name)) continue;
-      for (const rule of perm.rules) {
-        const spaceIdx = rule.indexOf(" ");
-        if (spaceIdx === -1) continue;
-        const ruleMethod = rule.slice(0, spaceIdx).toUpperCase();
-        const rest = rule.slice(spaceIdx + 1);
-        if (ruleMethod !== "ANY" && ruleMethod !== upperMethod) continue;
+    const permissions = getApiPermissionsForMatch(api, config4.name, apiBase);
+    if (permissions === null) continue;
+    const state = { bestSpecificity: null, matched: [] };
+    const seenPermissionNames = /* @__PURE__ */ new Set();
+    for (const rawPermission of permissions) {
+      const permissionName = getPermissionName(rawPermission);
+      if (permissionName === null) continue;
+      if (seenPermissionNames.has(permissionName)) continue;
+      seenPermissionNames.add(permissionName);
+      for (const rule of getPermissionRules(rawPermission)) {
+        const rest = matchingRulePath(rule, upperMethod);
+        if (rest === null) continue;
         if (matchFirewallPath(path3, rest) !== null) {
-          matched.add(perm.name);
-          break;
+          const specificity = pathSpecificity(rest);
+          if (specificity === null) continue;
+          recordPermissionMatch(state, permissionName, specificity);
         }
       }
     }
+    for (const permission of state.matched) {
+      if (!matched.includes(permission)) {
+        matched.push(permission);
+      }
+    }
   }
-  return [...matched];
+  return matched;
 }
 
 // ../../packages/api-contracts/src/contracts/zero-feature-switches.ts
@@ -131344,6 +132694,11 @@ var FEATURE_SWITCHES = {
     description: "Reveal activity debug surfaces, activity log navigation, appended system prompts, and Debug preferences",
     enabled: false
   },
+  ["userPermissionGrants" /* UserPermissionGrants */]: {
+    maintainer: "liangyou@vm0.ai",
+    description: "Gate the per-user Zero firewall permission grant rollout. Disabled by default while storage, API, runtime, and UI changes land separately.",
+    enabled: false
+  },
   ["computerUse" /* ComputerUse */]: {
     maintainer: "ethan@vm0.ai",
     description: "Enable remote desktop host registration",
@@ -131488,6 +132843,7 @@ var MODEL_DISPLAY_NAMES = Object.freeze({
   "deepseek/deepseek-v4-pro": "DeepSeek V4 Pro",
   "deepseek/deepseek-v4-flash": "DeepSeek V4 Flash",
   // MiniMax
+  "MiniMax-M3": "MiniMax M3",
   "MiniMax-M2.7": "MiniMax M2.7",
   "MiniMax-M2.1": "MiniMax M2.1",
   "minimax/minimax-m2.5": "MiniMax M2.5",
@@ -132821,6 +134177,7 @@ export {
   withErrorHandler,
   require_dist,
   extractAndGroupVariables,
+  extractSecretNamesFromApis,
   volumeConfigSchema,
   agentDefinitionSchema,
   getComposeByName,
@@ -132828,7 +134185,6 @@ export {
   getComposeById,
   getComposeVersion,
   createOrUpdateCompose,
-  extractSecretNamesFromApis,
   getVm0ModelMultiplier,
   MODEL_PROVIDER_TYPES,
   getSelectableProviderTypes,
@@ -132971,6 +134327,7 @@ export {
   isFirewallConnectorType,
   getConnectorFirewall,
   resolveFirewallPolicies,
+  matchFirewallBaseUrl,
   findMatchingPermissions,
   parseEvent,
   EventStreamNormalizer,
@@ -132999,4 +134356,4 @@ undici/lib/web/fetch/body.js:
 undici/lib/web/websocket/frame.js:
   (*! ws. MIT License. Einar Otto Stangvik <einaros@gmail.com> *)
 */
-//# sourceMappingURL=chunk-6E4KIIR5.js.map
+//# sourceMappingURL=chunk-FHVH4FYZ.js.map