@yan162/changewayguard 6.8.25

package/dashboard-dist/api/217.index.js

@@ -0,0 +1,44 @@
+export const id = 217;
+export const ids = [217];
+export const modules = {
+
+/***/ 3598:
+/***/ ((__webpack_module__, __webpack_exports__, __webpack_require__) => {
+
+__webpack_require__.a(__webpack_module__, async (__webpack_handle_async_dependencies__, __webpack_async_result__) => { try {
+/* harmony export */ __webpack_require__.d(__webpack_exports__, {
+/* harmony export */   resultsRouter: () => (/* binding */ resultsRouter)
+/* harmony export */ });
+/* harmony import */ var express__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(316);
+/* harmony import */ var _og_db__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(6020);
+var __webpack_async_dependencies__ = __webpack_handle_async_dependencies__([_og_db__WEBPACK_IMPORTED_MODULE_1__]);
+_og_db__WEBPACK_IMPORTED_MODULE_1__ = (__webpack_async_dependencies__.then ? (await __webpack_async_dependencies__)() : __webpack_async_dependencies__)[0];
+
+
+const results = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .detectionResultQueries */ .xd)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const resultsRouter = (0,express__WEBPACK_IMPORTED_MODULE_0__.Router)();
+// GET /api/results
+resultsRouter.get("/", async (req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        const limit = parseInt(req.query.limit) || 50;
+        const offset = parseInt(req.query.offset) || 0;
+        const agentId = req.query.agentId;
+        const data = agentId
+            ? await results.findByAgentId(agentId, { limit, offset, tenantId })
+            : await results.findAll({ limit, offset, tenantId });
+        res.json({ success: true, data });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+//# sourceMappingURL=results.js.map
+__webpack_async_result__();
+} catch(e) { __webpack_async_result__(e); } });
+
+/***/ })
+
+};
+
+//# sourceMappingURL=217.index.js.map

package/dashboard-dist/api/217.index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"217.index.js","mappings":";;;;;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","sources":[".././dist/routes/results.js"],"sourcesContent":["import { Router } from \"express\";\nimport { db, detectionResultQueries } from \"@og/db\";\nconst results = detectionResultQueries(db);\nexport const resultsRouter = Router();\n// GET /api/results\nresultsRouter.get(\"/\", async (req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        const limit = parseInt(req.query.limit) || 50;\n        const offset = parseInt(req.query.offset) || 0;\n        const agentId = req.query.agentId;\n        const data = agentId\n            ? await results.findByAgentId(agentId, { limit, offset, tenantId })\n            : await results.findAll({ limit, offset, tenantId });\n        res.json({ success: true, data });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n//# sourceMappingURL=results.js.map"],"names":[],"sourceRoot":""}

package/dashboard-dist/api/222.index.js

@@ -0,0 +1,90 @@
+export const id = 222;
+export const ids = [222];
+export const modules = {
+
+/***/ 9222:
+/***/ ((__webpack_module__, __webpack_exports__, __webpack_require__) => {
+
+__webpack_require__.a(__webpack_module__, async (__webpack_handle_async_dependencies__, __webpack_async_result__) => { try {
+/* harmony export */ __webpack_require__.d(__webpack_exports__, {
+/* harmony export */   settingsRouter: () => (/* binding */ settingsRouter)
+/* harmony export */ });
+/* harmony import */ var express__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(316);
+/* harmony import */ var _og_db__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(6020);
+/* harmony import */ var _og_shared__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(1792);
+var __webpack_async_dependencies__ = __webpack_handle_async_dependencies__([_og_db__WEBPACK_IMPORTED_MODULE_1__]);
+_og_db__WEBPACK_IMPORTED_MODULE_1__ = (__webpack_async_dependencies__.then ? (await __webpack_async_dependencies__)() : __webpack_async_dependencies__)[0];
+
+
+
+const settings = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .settingsQueries */ .sz)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const settingsRouter = (0,express__WEBPACK_IMPORTED_MODULE_0__.Router)();
+// GET /api/settings
+settingsRouter.get("/", async (_req, res, next) => {
+    try {
+        const all = await settings.getAll();
+        // Mask sensitive values
+        const masked = {};
+        for (const [key, value] of Object.entries(all)) {
+            if (key === "og_core_key" || key === "session_token") {
+                masked[key] = (0,_og_shared__WEBPACK_IMPORTED_MODULE_2__/* .maskSecret */ .$l)(value);
+            }
+            else {
+                masked[key] = value;
+            }
+        }
+        res.json({ success: true, data: masked });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+// PUT /api/settings
+settingsRouter.put("/", async (req, res, next) => {
+    try {
+        const updates = req.body;
+        if (!updates || typeof updates !== "object") {
+            res.status(400).json({ success: false, error: "Request body must be a key-value object" });
+            return;
+        }
+        // Prevent overwriting session_token via this endpoint
+        delete updates.session_token;
+        for (const [key, value] of Object.entries(updates)) {
+            await settings.set(key, value);
+        }
+        res.json({ success: true });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+// GET /api/settings/connection-status
+settingsRouter.get("/connection-status", async (_req, res, next) => {
+    try {
+        const ogCoreKey = await settings.get("og_core_key");
+        // Agent is always connected to Core (auto-registered)
+        // The only difference is whether it's linked to a user account (claimed) or not (autonomous)
+        const mode = ogCoreKey ? "claimed" : "autonomous";
+        res.json({
+            success: true,
+            data: {
+                mode,
+                message: mode === "claimed"
+                    ? "Agent is linked to your account"
+                    : "Agent is running in autonomous mode",
+            },
+        });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+//# sourceMappingURL=settings.js.map
+__webpack_async_result__();
+} catch(e) { __webpack_async_result__(e); } });
+
+/***/ })
+
+};
+
+//# sourceMappingURL=222.index.js.map

package/dashboard-dist/api/222.index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"222.index.js","mappings":";;;;;;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","sources":[".././dist/routes/settings.js"],"sourcesContent":["import { Router } from \"express\";\nimport { db, settingsQueries } from \"@og/db\";\nimport { maskSecret } from \"@og/shared\";\nconst settings = settingsQueries(db);\nexport const settingsRouter = Router();\n// GET /api/settings\nsettingsRouter.get(\"/\", async (_req, res, next) => {\n    try {\n        const all = await settings.getAll();\n        // Mask sensitive values\n        const masked = {};\n        for (const [key, value] of Object.entries(all)) {\n            if (key === \"og_core_key\" || key === \"session_token\") {\n                masked[key] = maskSecret(value);\n            }\n            else {\n                masked[key] = value;\n            }\n        }\n        res.json({ success: true, data: masked });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n// PUT /api/settings\nsettingsRouter.put(\"/\", async (req, res, next) => {\n    try {\n        const updates = req.body;\n        if (!updates || typeof updates !== \"object\") {\n            res.status(400).json({ success: false, error: \"Request body must be a key-value object\" });\n            return;\n        }\n        // Prevent overwriting session_token via this endpoint\n        delete updates.session_token;\n        for (const [key, value] of Object.entries(updates)) {\n            await settings.set(key, value);\n        }\n        res.json({ success: true });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n// GET /api/settings/connection-status\nsettingsRouter.get(\"/connection-status\", async (_req, res, next) => {\n    try {\n        const ogCoreKey = await settings.get(\"og_core_key\");\n        // Agent is always connected to Core (auto-registered)\n        // The only difference is whether it's linked to a user account (claimed) or not (autonomous)\n        const mode = ogCoreKey ? \"claimed\" : \"autonomous\";\n        res.json({\n            success: true,\n            data: {\n                mode,\n                message: mode === \"claimed\"\n                    ? \"Agent is linked to your account\"\n                    : \"Agent is running in autonomous mode\",\n            },\n        });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n//# sourceMappingURL=settings.js.map"],"names":[],"sourceRoot":""}

package/dashboard-dist/api/280.index.js

@@ -0,0 +1,213 @@
+export const id = 280;
+export const ids = [280];
+export const modules = {
+
+/***/ 5280:
+/***/ ((__webpack_module__, __webpack_exports__, __webpack_require__) => {
+
+__webpack_require__.a(__webpack_module__, async (__webpack_handle_async_dependencies__, __webpack_async_result__) => { try {
+/* harmony export */ __webpack_require__.d(__webpack_exports__, {
+/* harmony export */   detectionRouter: () => (/* binding */ detectionRouter)
+/* harmony export */ });
+/* harmony import */ var express__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(316);
+/* harmony import */ var _og_db__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(6020);
+/* harmony import */ var _services_core_client_js__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(6808);
+var __webpack_async_dependencies__ = __webpack_handle_async_dependencies__([_og_db__WEBPACK_IMPORTED_MODULE_1__, _services_core_client_js__WEBPACK_IMPORTED_MODULE_2__]);
+([_og_db__WEBPACK_IMPORTED_MODULE_1__, _services_core_client_js__WEBPACK_IMPORTED_MODULE_2__] = __webpack_async_dependencies__.then ? (await __webpack_async_dependencies__)() : __webpack_async_dependencies__);
+
+
+
+const scanners = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .scannerQueries */ .nk)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const policies = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .policyQueries */ .Lz)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const usage = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .usageQueries */ .gB)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const detectionResults = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .detectionResultQueries */ .xd)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const settings = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .settingsQueries */ .sz)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const detectionRouter = (0,express__WEBPACK_IMPORTED_MODULE_0__.Router)();
+/**
+ * POST /api/detect
+ * Detection proxy endpoint.
+ * Flow:
+ * 1. Check core key is configured
+ * 2. Get scanner config
+ * 3. Call core /v1/detect
+ * 4. Evaluate policies
+ * 5. Record usage + detection result
+ * 6. Return response
+ */
+detectionRouter.post("/", async (req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        // 1. Check core key
+        const coreKey = await settings.get("og_core_key");
+        if (!coreKey) {
+            res.status(503).json({
+                success: false,
+                error: "core key not configured. Go to Settings to add your key.",
+            });
+            return;
+        }
+        // 2. Get scanner config
+        const allScanners = await scanners.getAll(tenantId);
+        const coreScanners = allScanners.map((s) => ({
+            scannerId: s.scannerId,
+            name: s.name,
+            description: s.description,
+            isEnabled: s.isEnabled,
+        }));
+        // Validate request body
+        const { messages, format, role, agentId } = req.body;
+        if (!messages || !Array.isArray(messages) || messages.length === 0) {
+            res.status(400).json({ success: false, error: "messages array is required and must not be empty" });
+            return;
+        }
+        // 3. Call core
+        const coreResult = await (0,_services_core_client_js__WEBPACK_IMPORTED_MODULE_2__/* .callCoreDetect */ .l)(messages, coreScanners, { format, role });
+        // 4. Evaluate policies
+        let policyAction = null;
+        if (!coreResult.safe) {
+            const enabledPolicies = await policies.getEnabled(tenantId);
+            for (const policy of enabledPolicies) {
+                const policyScannerIds = policy.scannerIds;
+                const matchesCategory = coreResult.categories.some((c) => policyScannerIds.includes(c));
+                if (matchesCategory && coreResult.sensitivity_score >= policy.sensitivityThreshold) {
+                    policyAction = policy.action;
+                    break;
+                }
+            }
+        }
+        // 5. Record usage + detection result
+        await usage.log({
+            agentId: agentId || null,
+            endpoint: "/api/detect",
+            statusCode: 200,
+            responseSafe: coreResult.safe,
+            categories: coreResult.categories,
+            latencyMs: coreResult.latency_ms,
+            requestId: coreResult.request_id,
+            tenantId,
+        });
+        await detectionResults.create({
+            agentId: agentId || null,
+            safe: coreResult.safe,
+            categories: coreResult.categories,
+            sensitivityScore: coreResult.sensitivity_score,
+            findings: coreResult.findings,
+            latencyMs: coreResult.latency_ms,
+            requestId: coreResult.request_id,
+            tenantId,
+        });
+        // 6. Return response with policy action
+        const response = {
+            ...coreResult,
+            ...(policyAction && { policy_action: policyAction }),
+        };
+        if (policyAction === "block") {
+            res.status(403).json({ success: true, data: response, blocked: true });
+            return;
+        }
+        res.json({ success: true, data: response });
+    }
+    catch (err) {
+        if (err instanceof Error && (err.message.includes("ECONNREFUSED") || err.message.includes("fetch failed"))) {
+            res.status(503).json({ success: false, error: "Detection service is temporarily unavailable. Please try again later." });
+            return;
+        }
+        next(err);
+    }
+});
+//# sourceMappingURL=detection.js.map
+__webpack_async_result__();
+} catch(e) { __webpack_async_result__(e); } });
+
+/***/ }),
+
+/***/ 6808:
+/***/ ((__webpack_module__, __webpack_exports__, __webpack_require__) => {
+
+__webpack_require__.a(__webpack_module__, async (__webpack_handle_async_dependencies__, __webpack_async_result__) => { try {
+/* harmony export */ __webpack_require__.d(__webpack_exports__, {
+/* harmony export */   l: () => (/* binding */ callCoreDetect)
+/* harmony export */ });
+/* unused harmony export checkCoreHealth */
+/* harmony import */ var _og_db__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(6020);
+/* harmony import */ var node_crypto__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(7598);
+/* harmony import */ var _runtime_config_js__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(824);
+var __webpack_async_dependencies__ = __webpack_handle_async_dependencies__([_og_db__WEBPACK_IMPORTED_MODULE_0__]);
+_og_db__WEBPACK_IMPORTED_MODULE_0__ = (__webpack_async_dependencies__.then ? (await __webpack_async_dependencies__)() : __webpack_async_dependencies__)[0];
+
+
+
+const settings = (0,_og_db__WEBPACK_IMPORTED_MODULE_0__/* .settingsQueries */ .sz)(_og_db__WEBPACK_IMPORTED_MODULE_0__.db);
+/** Get core URL from settings or env */
+async function getCoreUrl() {
+    return (await settings.get("og_core_url")) || (0,_runtime_config_js__WEBPACK_IMPORTED_MODULE_2__/* .getEnvCoreUrl */ .i)();
+}
+/** Get core key from settings */
+async function getCoreKey() {
+    return (await settings.get("og_core_key")) || "";
+}
+function createTraceId() {
+    const randomNum = (0,node_crypto__WEBPACK_IMPORTED_MODULE_1__.randomBytes)(6).readUIntBE(0, 6);
+    return `${Date.now()}${String(randomNum).padStart(14, "0")}`;
+}
+/**
+ * Call core detection API.
+ * Uses core key from settings for authentication.
+ */
+async function callCoreDetect(messages, scanners, options) {
+    const coreUrl = await getCoreUrl();
+    const coreKey = await getCoreKey();
+    const body = {
+        messages,
+        scanners,
+        format: options?.format,
+        role: options?.role,
+    };
+    const headers = {
+        "Content-Type": "application/json",
+        traceId: createTraceId(),
+    };
+    if (coreKey) {
+        headers["Authorization"] = `Bearer ${coreKey}`;
+    }
+    const res = await fetch(`${coreUrl}/v1/detect`, {
+        method: "POST",
+        headers,
+        body: JSON.stringify(body),
+    });
+    if (!res.ok) {
+        const text = await res.text();
+        throw new Error(`core returned ${res.status}: ${text}`);
+    }
+    const json = await res.json();
+    if (!json.success) {
+        throw new Error(`core error: ${json.error}`);
+    }
+    return json.data;
+}
+/** Check core health with timeout */
+async function checkCoreHealth() {
+    try {
+        const coreUrl = await getCoreUrl();
+        const controller = new AbortController();
+        const timeoutId = setTimeout(() => controller.abort(), 5000); // 5s timeout
+        const res = await fetch(`${coreUrl}/health`, {
+            signal: controller.signal,
+        });
+        clearTimeout(timeoutId);
+        const json = await res.json();
+        return json.status === "ok";
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=core-client.js.map
+__webpack_async_result__();
+} catch(e) { __webpack_async_result__(e); } });
+
+/***/ })
+
+};
+
+//# sourceMappingURL=280.index.js.map

package/dashboard-dist/api/280.index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"280.index.js","mappings":";;;;;;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;;;;;;;;;;;;;;;;ACrGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","sources":[".././dist/routes/detection.js",".././dist/services/core-client.js"],"sourcesContent":["import { Router } from \"express\";\nimport { db, scannerQueries, policyQueries, usageQueries, detectionResultQueries, settingsQueries } from \"@og/db\";\nimport { callCoreDetect } from \"../services/core-client.js\";\nconst scanners = scannerQueries(db);\nconst policies = policyQueries(db);\nconst usage = usageQueries(db);\nconst detectionResults = detectionResultQueries(db);\nconst settings = settingsQueries(db);\nexport const detectionRouter = Router();\n/**\n * POST /api/detect\n * Detection proxy endpoint.\n * Flow:\n * 1. Check core key is configured\n * 2. Get scanner config\n * 3. Call core /v1/detect\n * 4. Evaluate policies\n * 5. Record usage + detection result\n * 6. Return response\n */\ndetectionRouter.post(\"/\", async (req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        // 1. Check core key\n        const coreKey = await settings.get(\"og_core_key\");\n        if (!coreKey) {\n            res.status(503).json({\n                success: false,\n                error: \"core key not configured. Go to Settings to add your key.\",\n            });\n            return;\n        }\n        // 2. Get scanner config\n        const allScanners = await scanners.getAll(tenantId);\n        const coreScanners = allScanners.map((s) => ({\n            scannerId: s.scannerId,\n            name: s.name,\n            description: s.description,\n            isEnabled: s.isEnabled,\n        }));\n        // Validate request body\n        const { messages, format, role, agentId } = req.body;\n        if (!messages || !Array.isArray(messages) || messages.length === 0) {\n            res.status(400).json({ success: false, error: \"messages array is required and must not be empty\" });\n            return;\n        }\n        // 3. Call core\n        const coreResult = await callCoreDetect(messages, coreScanners, { format, role });\n        // 4. Evaluate policies\n        let policyAction = null;\n        if (!coreResult.safe) {\n            const enabledPolicies = await policies.getEnabled(tenantId);\n            for (const policy of enabledPolicies) {\n                const policyScannerIds = policy.scannerIds;\n                const matchesCategory = coreResult.categories.some((c) => policyScannerIds.includes(c));\n                if (matchesCategory && coreResult.sensitivity_score >= policy.sensitivityThreshold) {\n                    policyAction = policy.action;\n                    break;\n                }\n            }\n        }\n        // 5. Record usage + detection result\n        await usage.log({\n            agentId: agentId || null,\n            endpoint: \"/api/detect\",\n            statusCode: 200,\n            responseSafe: coreResult.safe,\n            categories: coreResult.categories,\n            latencyMs: coreResult.latency_ms,\n            requestId: coreResult.request_id,\n            tenantId,\n        });\n        await detectionResults.create({\n            agentId: agentId || null,\n            safe: coreResult.safe,\n            categories: coreResult.categories,\n            sensitivityScore: coreResult.sensitivity_score,\n            findings: coreResult.findings,\n            latencyMs: coreResult.latency_ms,\n            requestId: coreResult.request_id,\n            tenantId,\n        });\n        // 6. Return response with policy action\n        const response = {\n            ...coreResult,\n            ...(policyAction && { policy_action: policyAction }),\n        };\n        if (policyAction === \"block\") {\n            res.status(403).json({ success: true, data: response, blocked: true });\n            return;\n        }\n        res.json({ success: true, data: response });\n    }\n    catch (err) {\n        if (err instanceof Error && (err.message.includes(\"ECONNREFUSED\") || err.message.includes(\"fetch failed\"))) {\n            res.status(503).json({ success: false, error: \"Detection service is temporarily unavailable. Please try again later.\" });\n            return;\n        }\n        next(err);\n    }\n});\n//# sourceMappingURL=detection.js.map","import { db, settingsQueries } from \"@og/db\";\nimport { randomBytes } from \"node:crypto\";\nimport { getEnvCoreUrl } from \"./runtime-config.js\";\nconst settings = settingsQueries(db);\n/** Get core URL from settings or env */\nasync function getCoreUrl() {\n    return (await settings.get(\"og_core_url\")) || getEnvCoreUrl();\n}\n/** Get core key from settings */\nasync function getCoreKey() {\n    return (await settings.get(\"og_core_key\")) || \"\";\n}\nfunction createTraceId() {\n    const randomNum = randomBytes(6).readUIntBE(0, 6);\n    return `${Date.now()}${String(randomNum).padStart(14, \"0\")}`;\n}\n/**\n * Call core detection API.\n * Uses core key from settings for authentication.\n */\nexport async function callCoreDetect(messages, scanners, options) {\n    const coreUrl = await getCoreUrl();\n    const coreKey = await getCoreKey();\n    const body = {\n        messages,\n        scanners,\n        format: options?.format,\n        role: options?.role,\n    };\n    const headers = {\n        \"Content-Type\": \"application/json\",\n        traceId: createTraceId(),\n    };\n    if (coreKey) {\n        headers[\"Authorization\"] = `Bearer ${coreKey}`;\n    }\n    const res = await fetch(`${coreUrl}/v1/detect`, {\n        method: \"POST\",\n        headers,\n        body: JSON.stringify(body),\n    });\n    if (!res.ok) {\n        const text = await res.text();\n        throw new Error(`core returned ${res.status}: ${text}`);\n    }\n    const json = await res.json();\n    if (!json.success) {\n        throw new Error(`core error: ${json.error}`);\n    }\n    return json.data;\n}\n/** Check core health with timeout */\nexport async function checkCoreHealth() {\n    try {\n        const coreUrl = await getCoreUrl();\n        const controller = new AbortController();\n        const timeoutId = setTimeout(() => controller.abort(), 5000); // 5s timeout\n        const res = await fetch(`${coreUrl}/health`, {\n            signal: controller.signal,\n        });\n        clearTimeout(timeoutId);\n        const json = await res.json();\n        return json.status === \"ok\";\n    }\n    catch {\n        return false;\n    }\n}\n//# sourceMappingURL=core-client.js.map"],"names":[],"sourceRoot":""}

package/dashboard-dist/api/369.index.js

@@ -0,0 +1,115 @@
+export const id = 369;
+export const ids = [369];
+export const modules = {
+
+/***/ 8369:
+/***/ ((__webpack_module__, __webpack_exports__, __webpack_require__) => {
+
+__webpack_require__.a(__webpack_module__, async (__webpack_handle_async_dependencies__, __webpack_async_result__) => { try {
+/* harmony export */ __webpack_require__.d(__webpack_exports__, {
+/* harmony export */   agentsRouter: () => (/* binding */ agentsRouter)
+/* harmony export */ });
+/* harmony import */ var express__WEBPACK_IMPORTED_MODULE_0__ = __webpack_require__(316);
+/* harmony import */ var _og_db__WEBPACK_IMPORTED_MODULE_1__ = __webpack_require__(6020);
+/* harmony import */ var _og_shared__WEBPACK_IMPORTED_MODULE_2__ = __webpack_require__(1792);
+var __webpack_async_dependencies__ = __webpack_handle_async_dependencies__([_og_db__WEBPACK_IMPORTED_MODULE_1__]);
+_og_db__WEBPACK_IMPORTED_MODULE_1__ = (__webpack_async_dependencies__.then ? (await __webpack_async_dependencies__)() : __webpack_async_dependencies__)[0];
+
+
+
+const agents = (0,_og_db__WEBPACK_IMPORTED_MODULE_1__/* .agentQueries */ .Ik)(_og_db__WEBPACK_IMPORTED_MODULE_1__.db);
+const agentsRouter = (0,express__WEBPACK_IMPORTED_MODULE_0__.Router)();
+// GET /api/agents
+agentsRouter.get("/", async (_req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        const data = await agents.findAll(tenantId);
+        res.json({ success: true, data });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+// POST /api/agents
+agentsRouter.post("/", async (req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        const { name, description, provider, metadata } = req.body;
+        if (!name) {
+            res.status(400).json({ success: false, error: "name is required" });
+            return;
+        }
+        const currentCount = await agents.countAll(tenantId);
+        if (currentCount >= _og_shared__WEBPACK_IMPORTED_MODULE_2__/* .MAX_AGENTS */ .cZ) {
+            res.status(403).json({
+                success: false,
+                error: `Agent limit reached (${_og_shared__WEBPACK_IMPORTED_MODULE_2__/* .MAX_AGENTS */ .cZ}).`,
+            });
+            return;
+        }
+        const agent = await agents.create({
+            name,
+            description: description || null,
+            provider: provider || "custom",
+            metadata: metadata || {},
+            tenantId,
+        });
+        res.status(201).json({ success: true, data: agent });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+// PUT /api/agents/:id
+agentsRouter.put("/:id", async (req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        const { name, description, provider, status, metadata } = req.body;
+        const agent = await agents.update(req.params.id, {
+            ...(name && { name }),
+            ...(description !== undefined && { description }),
+            ...(provider && { provider }),
+            ...(status && { status }),
+            ...(metadata && { metadata }),
+        }, tenantId);
+        if (!agent) {
+            res.status(404).json({ success: false, error: "Agent not found" });
+            return;
+        }
+        res.json({ success: true, data: agent });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+// DELETE /api/agents/:id
+agentsRouter.delete("/:id", async (req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        await agents.delete(req.params.id, tenantId);
+        res.json({ success: true });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+// POST /api/agents/:id/heartbeat
+agentsRouter.post("/:id/heartbeat", async (req, res, next) => {
+    try {
+        const tenantId = res.locals.tenantId;
+        await agents.heartbeat(req.params.id, tenantId);
+        res.json({ success: true });
+    }
+    catch (err) {
+        next(err);
+    }
+});
+//# sourceMappingURL=agents.js.map
+__webpack_async_result__();
+} catch(e) { __webpack_async_result__(e); } });
+
+/***/ })
+
+};
+
+//# sourceMappingURL=369.index.js.map

package/dashboard-dist/api/369.index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"369.index.js","mappings":";;;;;;;;;;;;;;;;AAAA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA","sources":[".././dist/routes/agents.js"],"sourcesContent":["import { Router } from \"express\";\nimport { db, agentQueries } from \"@og/db\";\nimport { MAX_AGENTS } from \"@og/shared\";\nconst agents = agentQueries(db);\nexport const agentsRouter = Router();\n// GET /api/agents\nagentsRouter.get(\"/\", async (_req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        const data = await agents.findAll(tenantId);\n        res.json({ success: true, data });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n// POST /api/agents\nagentsRouter.post(\"/\", async (req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        const { name, description, provider, metadata } = req.body;\n        if (!name) {\n            res.status(400).json({ success: false, error: \"name is required\" });\n            return;\n        }\n        const currentCount = await agents.countAll(tenantId);\n        if (currentCount >= MAX_AGENTS) {\n            res.status(403).json({\n                success: false,\n                error: `Agent limit reached (${MAX_AGENTS}).`,\n            });\n            return;\n        }\n        const agent = await agents.create({\n            name,\n            description: description || null,\n            provider: provider || \"custom\",\n            metadata: metadata || {},\n            tenantId,\n        });\n        res.status(201).json({ success: true, data: agent });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n// PUT /api/agents/:id\nagentsRouter.put(\"/:id\", async (req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        const { name, description, provider, status, metadata } = req.body;\n        const agent = await agents.update(req.params.id, {\n            ...(name && { name }),\n            ...(description !== undefined && { description }),\n            ...(provider && { provider }),\n            ...(status && { status }),\n            ...(metadata && { metadata }),\n        }, tenantId);\n        if (!agent) {\n            res.status(404).json({ success: false, error: \"Agent not found\" });\n            return;\n        }\n        res.json({ success: true, data: agent });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n// DELETE /api/agents/:id\nagentsRouter.delete(\"/:id\", async (req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        await agents.delete(req.params.id, tenantId);\n        res.json({ success: true });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n// POST /api/agents/:id/heartbeat\nagentsRouter.post(\"/:id/heartbeat\", async (req, res, next) => {\n    try {\n        const tenantId = res.locals.tenantId;\n        await agents.heartbeat(req.params.id, tenantId);\n        res.json({ success: true });\n    }\n    catch (err) {\n        next(err);\n    }\n});\n//# sourceMappingURL=agents.js.map"],"names":[],"sourceRoot":""}