@zhangferry-dev/tokendash 1.6.1 → 1.7.0

package/dist/electron-server.cjs

@@ -37,9 +37,9 @@ __export(index_exports, {
 });
 module.exports = __toCommonJS(index_exports);
 var import_express = __toESM(require("express"), 1);
-var import_node_fs8 = require("node:fs");
+var import_node_fs13 = require("node:fs");
 var import_node_url = require("node:url");
-var import_node_path8 = require("node:path");
+var import_node_path13 = require("node:path");
 
 // src/server/cache.ts
 var import_node_fs = require("node:fs");
@@ -2088,7 +2088,1090 @@ function detectAvailableAgents() {
   };
 }
 
+// src/server/quota/adapter.ts
+var QuotaError = class extends Error {
+  status;
+  constructor(status) {
+    const msg = "message" in status && status.message ? status.message : "";
+    super(msg ? `${status.state}: ${msg}` : status.state);
+    this.name = "QuotaError";
+    this.status = status;
+  }
+};
+var QuotaAdapterRegistry = class {
+  adapters = /* @__PURE__ */ new Map();
+  register(adapter) {
+    this.adapters.set(adapter.provider, adapter);
+  }
+  get(provider) {
+    return this.adapters.get(provider);
+  }
+  list() {
+    return Array.from(this.adapters.values());
+  }
+};
+function baseSnapshot(provider, displayName, opts = {}) {
+  return {
+    provider,
+    displayName,
+    planName: opts.planName,
+    fetchedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    freshness: "live",
+    windows: opts.windows ?? []
+  };
+}
+
+// src/server/quota/cache.ts
+var QuotaCache = class {
+  constructor(ttlMs = 6e4) {
+    this.ttlMs = ttlMs;
+  }
+  store = /* @__PURE__ */ new Map();
+  /** Fresh cached snapshot, or null if expired / absent. */
+  getFresh(provider) {
+    const entry = this.store.get(provider);
+    if (!entry) return null;
+    if (Date.now() > entry.expiresAt) return null;
+    return { ...entry.snapshot, freshness: "cached" };
+  }
+  /** Last successful snapshot regardless of TTL (for stale-while-revalidate). */
+  getStale(provider) {
+    const entry = this.store.get(provider);
+    if (!entry) return null;
+    return { ...entry.snapshot, freshness: "stale" };
+  }
+  set(snapshot) {
+    this.store.set(snapshot.provider, {
+      snapshot,
+      expiresAt: Date.now() + this.ttlMs,
+      updatedAt: Date.now()
+    });
+  }
+  clear(provider) {
+    if (provider) this.store.delete(provider);
+    else this.store.clear();
+  }
+};
+
+// src/server/quota/schemas.ts
+var import_zod3 = require("zod");
+var QuotaWindowSchema = import_zod3.z.object({
+  id: import_zod3.z.string(),
+  label: import_zod3.z.string(),
+  usedPercent: import_zod3.z.number().min(0).max(100).default(0),
+  remainingPercent: import_zod3.z.number().min(0).max(100).default(0),
+  used: import_zod3.z.number().optional(),
+  limit: import_zod3.z.number().optional(),
+  durationMins: import_zod3.z.number().optional(),
+  resetsAt: import_zod3.z.string().optional(),
+  isUnlimited: import_zod3.z.boolean().optional(),
+  modelName: import_zod3.z.string().optional()
+});
+var QuotaProviderStatusSchema = import_zod3.z.object({
+  state: import_zod3.z.enum([
+    "ok",
+    "auth_failed",
+    "not_configured",
+    "upstream_unavailable",
+    "rate_limited",
+    "malformed_response",
+    "timed_out",
+    "error"
+  ]),
+  message: import_zod3.z.string().optional(),
+  category: import_zod3.z.string().optional()
+});
+var QuotaSnapshotSchema = import_zod3.z.object({
+  provider: import_zod3.z.enum(["codex", "claude", "glm", "minimax", "kimi"]),
+  displayName: import_zod3.z.string(),
+  planName: import_zod3.z.string().optional(),
+  fetchedAt: import_zod3.z.string(),
+  freshness: import_zod3.z.enum(["live", "cached", "stale"]),
+  windows: import_zod3.z.array(QuotaWindowSchema).default([]),
+  status: QuotaProviderStatusSchema
+});
+var QuotaResponseSchema = import_zod3.z.object({
+  providers: import_zod3.z.array(QuotaSnapshotSchema).default([])
+});
+function validateQuotaSnapshot(data) {
+  return QuotaSnapshotSchema.parse(data);
+}
+
+// src/server/quota/quotaService.ts
+var QuotaService = class {
+  constructor(registry2, cache2 = new QuotaCache(), configuredCache = null, fetchTimeoutMs = 8e3) {
+    this.registry = registry2;
+    this.cache = cache2;
+    this.configuredCache = configuredCache;
+    this.fetchTimeoutMs = fetchTimeoutMs;
+  }
+  /** Cap concurrent upstream calls so a slow provider can't block the others. */
+  fetchTimeoutMs;
+  /** In-flight promises keyed by provider id, to dedupe concurrent requests. */
+  inflight = /* @__PURE__ */ new Map();
+  /**
+   * List provider ids that are configured locally. Cheap (no network).
+   * The dashboard only shows these — not-configured providers are excluded.
+   */
+  async discover() {
+    const all = this.registry.list();
+    const checks = await Promise.all(
+      all.map(async (a) => ({ id: a.provider, configured: await safeIsConfigured(a) }))
+    );
+    return checks.filter((c) => c.configured).map((c) => c.id);
+  }
+  /**
+   * Fetch one provider's snapshot. Fresh if available; stale-but-retained
+   * on failure; never throws (errors become structured statuses).
+   */
+  async fetchOne(provider) {
+    const fresh = this.cache.getFresh(provider);
+    if (fresh) return fresh;
+    const adapter = this.registry.get(provider);
+    if (!adapter) return null;
+    let p = this.inflight.get(provider);
+    if (!p) {
+      p = this.fetchWithTimeout(adapter).finally(() => this.inflight.delete(provider));
+      this.inflight.set(provider, p);
+    }
+    return p;
+  }
+  /**
+   * Fetch all configured providers concurrently. Partial success: one
+   * provider's failure never breaks the others. Order = registry order.
+   */
+  async fetchAll() {
+    const ids = this.configuredCache ?? await this.discover();
+    const byId = /* @__PURE__ */ new Map();
+    const snapshots = await Promise.all(ids.map((id) => this.fetchOne(id)));
+    for (const adapter of this.registry.list()) {
+      const snap = snapshots.find((s) => s?.provider === adapter.provider);
+      if (snap) byId.set(adapter.provider, snap);
+    }
+    return { providers: this.registry.list().map((a) => byId.get(a.provider)).filter((s) => !!s) };
+  }
+  /** Force a refresh of all configured providers, bypassing the cache. */
+  async refreshAll() {
+    this.configuredCache?.forEach(() => {
+    });
+    for (const adapter of this.registry.list()) {
+      this.cache.clear(adapter.provider);
+    }
+    return this.fetchAll();
+  }
+  /**
+   * Validate a credential without caching it or writing it to disk. This keeps
+   * the settings form transactional: only credentials accepted upstream are
+   * persisted by the native app.
+   */
+  async validateCredential(provider, credential) {
+    const adapter = this.registry.get(provider);
+    if (!adapter) {
+      return {
+        provider,
+        valid: false,
+        status: { state: "not_configured", message: "Unsupported provider" }
+      };
+    }
+    try {
+      const snapshot = await withTimeout(
+        adapter.fetch({ credential }),
+        this.fetchTimeoutMs,
+        provider
+      );
+      const validated = validateQuotaSnapshot(snapshot);
+      return { provider, valid: validated.status.state === "ok", status: validated.status };
+    } catch (err) {
+      return { provider, valid: false, status: statusForError(err, this.fetchTimeoutMs) };
+    }
+  }
+  async fetchWithTimeout(adapter) {
+    try {
+      const snapshot = await withTimeout(adapter.fetch(), this.fetchTimeoutMs, adapter.provider);
+      const validated = validateQuotaSnapshot(snapshot);
+      this.cache.set(validated);
+      return validated;
+    } catch (err) {
+      return this.handleFailure(adapter, err);
+    }
+  }
+  handleFailure(adapter, err) {
+    const status = statusForError(err, this.fetchTimeoutMs);
+    const stale = this.cache.getStale(adapter.provider);
+    if (stale) {
+      return { ...stale, freshness: "stale", status };
+    }
+    return {
+      provider: adapter.provider,
+      displayName: adapter.displayName,
+      fetchedAt: (/* @__PURE__ */ new Date()).toISOString(),
+      freshness: "stale",
+      windows: [],
+      status
+    };
+  }
+};
+function statusForError(err, timeoutMs) {
+  if (err instanceof QuotaError) return err.status;
+  if (err instanceof TimeoutError) {
+    return { state: "timed_out", message: `upstream did not respond within ${timeoutMs}ms` };
+  }
+  return { state: "error", message: redact(err), category: "unexpected" };
+}
+var TimeoutError = class extends Error {
+  constructor(provider) {
+    super(`quota fetch timed out: ${provider}`);
+    this.name = "TimeoutError";
+  }
+};
+function withTimeout(p, ms, provider) {
+  return new Promise((resolve2, reject) => {
+    const timer = setTimeout(() => reject(new TimeoutError(provider)), ms);
+    p.then(
+      (v) => {
+        clearTimeout(timer);
+        resolve2(v);
+      },
+      (e) => {
+        clearTimeout(timer);
+        reject(e);
+      }
+    );
+  });
+}
+async function safeIsConfigured(adapter) {
+  try {
+    return await adapter.isConfigured();
+  } catch {
+    return false;
+  }
+}
+function redact(err) {
+  const msg = err instanceof Error ? err.message : String(err);
+  return msg.replace(/(sk-[A-Za-z0-9_-]{6,})[A-Za-z0-9_-]*/g, "$1\u2026").replace(/(Bearer\s+)[A-Za-z0-9._-]+/gi, "$1\u2026").slice(0, 200);
+}
+
+// src/server/quota/adapters/codex.ts
+var import_node_fs8 = require("node:fs");
+var import_node_path8 = require("node:path");
+var import_node_os8 = require("node:os");
+var import_node_child_process2 = require("node:child_process");
+
+// src/server/quota/helpers.ts
+function unixToIso(unix) {
+  if (unix === null || unix === void 0 || unix === "") return void 0;
+  const n = typeof unix === "string" ? parseInt(unix, 10) : unix;
+  if (!Number.isFinite(n) || n <= 0) return void 0;
+  const ms = n > 1e12 ? n : n * 1e3;
+  return new Date(ms).toISOString();
+}
+function clampPercent(v) {
+  if (!Number.isFinite(v)) return 0;
+  return Math.max(0, Math.min(100, v));
+}
+function round1(v) {
+  return Math.round(v * 10) / 10;
+}
+function windowFromPercent(id, label, usedPercent, opts = {}) {
+  const used = round1(clampPercent(usedPercent));
+  return {
+    id,
+    label,
+    usedPercent: used,
+    remainingPercent: round1(100 - used),
+    durationMins: opts.durationMins,
+    resetsAt: opts.resetsAt,
+    used: opts.used,
+    limit: opts.limit,
+    modelName: opts.modelName,
+    isUnlimited: opts.isUnlimited
+  };
+}
+function windowFromCounts(id, label, used, limit, opts = {}) {
+  if (limit <= 0) {
+    return { id, label, usedPercent: 0, remainingPercent: 100, used, limit, isUnlimited: true, ...opts };
+  }
+  const pct = round1(clampPercent(used / limit * 100));
+  return {
+    id,
+    label,
+    usedPercent: pct,
+    remainingPercent: round1(100 - pct),
+    used,
+    limit,
+    ...opts
+  };
+}
+async function fetchJsonWithTimeout(url, opts = {}) {
+  const ctrl = new AbortController();
+  const timer = setTimeout(() => ctrl.abort(), opts.timeoutMs ?? 8e3);
+  try {
+    const res = await fetch(url, { headers: opts.headers, signal: ctrl.signal });
+    if (!res.ok) {
+      const body = await res.text().catch(() => "");
+      throw new HttpError(res.status, body.slice(0, 200));
+    }
+    return await res.json();
+  } finally {
+    clearTimeout(timer);
+  }
+}
+var HttpError = class extends Error {
+  constructor(status, body) {
+    super(`HTTP ${status}`);
+    this.status = status;
+    this.body = body;
+    this.name = "HttpError";
+  }
+};
+function classifyHttpError(err) {
+  if (err.status === 401 || err.status === 403) {
+    return { state: "auth_failed", message: "credential rejected by provider" };
+  }
+  if (err.status === 429) {
+    return { state: "rate_limited", message: "provider throttled the request" };
+  }
+  return { state: "upstream_unavailable", message: `provider returned HTTP ${err.status}` };
+}
+
+// src/server/quota/adapters/codex.ts
+function codexHome() {
+  return process.env.CODEX_HOME || (0, import_node_path8.join)((0, import_node_os8.homedir)(), ".codex");
+}
+var codexAdapter = {
+  provider: "codex",
+  displayName: "OpenAI Codex",
+  async isConfigured() {
+    return (0, import_node_fs8.existsSync)((0, import_node_path8.join)(codexHome(), "auth.json")) && resolveCodexBinary() !== null;
+  },
+  async fetch() {
+    const result = await queryRateLimits();
+    const buckets = result.rateLimitsByLimitId ?? (result.rateLimits ? { primary: result.rateLimits } : {});
+    const windows = [];
+    for (const [key, bucket] of Object.entries(buckets)) {
+      if (bucket.primary) {
+        windows.push(windowFromPercent(`codex_${key}_primary`, labelForBucket(key, "primary", bucket), bucket.primary.usedPercent ?? 0, {
+          durationMins: bucket.primary.windowDurationMins,
+          resetsAt: unixToIso(bucket.primary.resetsAt)
+        }));
+      }
+      if (bucket.secondary) {
+        windows.push(windowFromPercent(`codex_${key}_secondary`, labelForBucket(key, "secondary", bucket), bucket.secondary.usedPercent ?? 0, {
+          durationMins: bucket.secondary.windowDurationMins,
+          resetsAt: unixToIso(bucket.secondary.resetsAt)
+        }));
+      }
+    }
+    const snap = baseSnapshot("codex", "OpenAI Codex", {
+      planName: result.planType ? capitalize(result.planType) : void 0,
+      windows
+    });
+    return { ...snap, status: { state: "ok" } };
+  }
+};
+function labelForBucket(key, tier, bucket) {
+  const dur = tier === "primary" ? bucket.primary?.windowDurationMins : bucket.secondary?.windowDurationMins;
+  const durLabel = dur ? durationLabel(dur) : capitalize(tier);
+  const who = bucket.limitName || (key && key !== "primary" ? key : "");
+  return who ? `${capitalize(who)} \xB7 ${durLabel}` : durLabel;
+}
+function durationLabel(mins) {
+  if (mins >= 10080) return "Weekly";
+  if (mins >= 1440) return `${Math.round(mins / 1440)}-Day`;
+  if (mins >= 60) return `${Math.round(mins / 60)}-Hour`;
+  return `${mins}m`;
+}
+function capitalize(s) {
+  return s.charAt(0).toUpperCase() + s.slice(1);
+}
+async function queryRateLimits() {
+  const codexBinary = resolveCodexBinary();
+  if (!codexBinary) {
+    throw new QuotaError({ state: "not_configured", message: "official Codex CLI not found" });
+  }
+  const binaryDir = (0, import_node_path8.dirname)(codexBinary);
+  const childPath = [binaryDir, process.env.PATH].filter(Boolean).join(":");
+  const proc = (0, import_node_child_process2.spawn)(codexBinary, ["app-server"], {
+    stdio: ["pipe", "pipe", "pipe"],
+    env: { ...process.env, PATH: childPath }
+  });
+  const client = new JsonRpcClient(proc);
+  try {
+    await client.request("initialize", {
+      protocolVersion: "2025-03-26",
+      clientInfo: { name: "tokendash", version: "1.0.0" }
+    });
+    client.notify("initialized", {});
+    const res = await client.request("account/rateLimits/read", {});
+    return res;
+  } catch (err) {
+    throw toQuotaError(err);
+  } finally {
+    client.dispose();
+    try {
+      proc.kill("SIGKILL");
+    } catch {
+    }
+  }
+}
+function toQuotaError(err) {
+  const msg = err instanceof Error ? err.message : String(err);
+  if (/not found|ENOENT|spawn/i.test(msg)) {
+    return new QuotaError({ state: "not_configured", message: "codex app-server unavailable" });
+  }
+  if (/401|403|unauthor|auth/i.test(msg)) {
+    return new QuotaError({ state: "auth_failed", message: "codex session not authenticated" });
+  }
+  return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
+}
+var JsonRpcClient = class {
+  constructor(proc) {
+    this.proc = proc;
+    proc.stdout.setEncoding("utf8");
+    proc.stdout.on("data", (chunk) => this.onData(chunk));
+    proc.on("error", (err) => this.failAll(err));
+    proc.on("close", () => this.failAll(new Error("codex app-server closed unexpectedly")));
+  }
+  id = 0;
+  buffer = "";
+  pending = /* @__PURE__ */ new Map();
+  disposed = false;
+  request(method, params) {
+    if (this.disposed) return Promise.reject(new Error("client disposed"));
+    const id = ++this.id;
+    const msg = JSON.stringify({ jsonrpc: "2.0", id, method, params }) + "\n";
+    return new Promise((resolve2, reject) => {
+      this.pending.set(id, { resolve: resolve2, reject });
+      this.proc.stdin.write(msg, (err) => {
+        if (err) reject(err instanceof Error ? err : new Error(String(err)));
+      });
+    });
+  }
+  notify(method, params) {
+    if (this.disposed) return;
+    const msg = JSON.stringify({ jsonrpc: "2.0", method, params }) + "\n";
+    this.proc.stdin.write(msg, () => {
+    });
+  }
+  dispose() {
+    this.disposed = true;
+    this.failAll(new Error("disposed"));
+  }
+  onData(chunk) {
+    this.buffer += chunk;
+    let idx;
+    while ((idx = this.buffer.indexOf("\n")) >= 0) {
+      const line = this.buffer.slice(0, idx).trim();
+      this.buffer = this.buffer.slice(idx + 1);
+      if (!line) continue;
+      let msg;
+      try {
+        msg = JSON.parse(line);
+      } catch {
+        continue;
+      }
+      if (msg.id === void 0) continue;
+      const entry = this.pending.get(msg.id);
+      if (!entry) continue;
+      this.pending.delete(msg.id);
+      if (msg.error) entry.reject(new Error(msg.error.message || "codex JSON-RPC error"));
+      else entry.resolve(msg.result);
+    }
+  }
+  failAll(err) {
+    for (const [, entry] of this.pending) entry.reject(err);
+    this.pending.clear();
+  }
+};
+function resolveCodexBinary(options = {}) {
+  const home = options.home ?? (0, import_node_os8.homedir)();
+  const path = options.path ?? process.env.PATH ?? "";
+  const explicitBinary = options.explicitBinary ?? process.env.CODEX_BIN;
+  const isExecutable = options.isExecutable ?? defaultIsExecutable;
+  const nvmRoot = (0, import_node_path8.join)(home, ".nvm", "versions", "node");
+  const nvmVersions = options.nvmVersions ?? readDirectoryNames(nvmRoot);
+  const candidates = [
+    explicitBinary,
+    "/Applications/Codex.app/Contents/Resources/codex",
+    (0, import_node_path8.join)(home, "Applications", "Codex.app", "Contents", "Resources", "codex"),
+    "/opt/homebrew/bin/codex",
+    "/usr/local/bin/codex",
+    (0, import_node_path8.join)(home, ".local", "bin", "codex"),
+    (0, import_node_path8.join)(home, ".volta", "bin", "codex"),
+    (0, import_node_path8.join)(home, ".bun", "bin", "codex"),
+    ...nvmVersions.sort((a, b) => b.localeCompare(a, void 0, { numeric: true })).map((version) => (0, import_node_path8.join)(nvmRoot, version, "bin", "codex")),
+    ...path.split(":").filter(Boolean).map((directory) => (0, import_node_path8.join)(directory, "codex"))
+  ];
+  for (const candidate of candidates) {
+    if (candidate && isExecutable(candidate)) return candidate;
+  }
+  return null;
+}
+function defaultIsExecutable(candidate) {
+  try {
+    (0, import_node_fs8.accessSync)(candidate, import_node_fs8.constants.X_OK);
+    return true;
+  } catch {
+    return false;
+  }
+}
+function readDirectoryNames(directory) {
+  try {
+    return (0, import_node_fs8.readdirSync)(directory, { withFileTypes: true }).filter((entry) => entry.isDirectory()).map((entry) => entry.name);
+  } catch {
+    return [];
+  }
+}
+
+// src/server/quota/adapters/claude.ts
+var import_node_fs9 = require("node:fs");
+var import_node_path9 = require("node:path");
+var import_node_os9 = require("node:os");
+var import_node_child_process3 = require("node:child_process");
+var import_node_crypto = require("node:crypto");
+var claudeAdapter = {
+  provider: "claude",
+  displayName: "Claude Code",
+  async isConfigured() {
+    const token = readClaudeToken();
+    return !!token;
+  },
+  async fetch() {
+    const token = readClaudeToken();
+    if (!token) {
+      throw new QuotaError({ state: "not_configured", message: "no Claude Code OAuth credential found" });
+    }
+    let data;
+    try {
+      data = await fetchJsonWithTimeout("https://api.anthropic.com/api/oauth/usage", {
+        headers: {
+          Authorization: `Bearer ${token}`,
+          "anthropic-beta": "oauth-2025-04-20",
+          "Content-Type": "application/json"
+        }
+      });
+    } catch (err) {
+      throw classifyFetchError(err);
+    }
+    const windows = [];
+    if (data.five_hour) {
+      windows.push(windowFromPercent("five_hour", "5-Hour Window", data.five_hour.utilization ?? 0, {
+        durationMins: 300,
+        resetsAt: normalizeIso(data.five_hour.resets_at)
+      }));
+    }
+    if (data.seven_day) {
+      windows.push(windowFromPercent("seven_day", "Weekly", data.seven_day.utilization ?? 0, {
+        durationMins: 10080,
+        resetsAt: normalizeIso(data.seven_day.resets_at)
+      }));
+    }
+    if (data.seven_day_opus?.utilization !== void 0 && data.seven_day_opus?.utilization !== null) {
+      windows.push(windowFromPercent("seven_day_opus", "Weekly \xB7 Opus", data.seven_day_opus.utilization, {
+        durationMins: 10080,
+        resetsAt: normalizeIso(data.seven_day_opus.resets_at)
+      }));
+    }
+    const snap = baseSnapshot("claude", "Claude Code", { windows });
+    return { ...snap, status: { state: "ok" } };
+  }
+};
+function classifyFetchError(err) {
+  if (err instanceof HttpError) {
+    const c = classifyHttpError(err);
+    return new QuotaError(c);
+  }
+  const msg = err instanceof Error ? err.message : String(err);
+  return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
+}
+function normalizeIso(s) {
+  return s ? new Date(s).toISOString() : void 0;
+}
+function readClaudeToken() {
+  if (process.platform === "darwin") {
+    const token = readFromKeychain();
+    if (token) return token;
+  }
+  const configDir = process.env.CLAUDE_CONFIG_DIR || (0, import_node_path9.join)((0, import_node_os9.homedir)(), ".claude");
+  const credPath = (0, import_node_path9.join)(configDir, ".credentials.json");
+  if ((0, import_node_fs9.existsSync)(credPath)) {
+    try {
+      const parsed = JSON.parse((0, import_node_fs9.readFileSync)(credPath, "utf8"));
+      return extractClaudeAccessToken(parsed);
+    } catch {
+      return null;
+    }
+  }
+  return null;
+}
+function readFromKeychain() {
+  const candidates = claudeKeychainServiceNames(process.env.CLAUDE_CONFIG_DIR);
+  try {
+    const list = (0, import_node_child_process3.execFileSync)("security", ["dump-keychain"], { stdio: ["ignore", "pipe", "ignore"], encoding: "utf8" });
+    for (const m of list.matchAll(/"svce"<blob>="([^"]*Claude Code-credentials[^"]*)"/g)) {
+      if (m[1] && !candidates.includes(m[1])) candidates.push(m[1]);
+    }
+  } catch {
+  }
+  const accounts = [safeUsername(), void 0];
+  for (const name of candidates) {
+    for (const account of accounts) {
+      try {
+        const args = ["find-generic-password", "-s", name];
+        if (account) args.push("-a", account);
+        args.push("-w");
+        const raw = (0, import_node_child_process3.execFileSync)("/usr/bin/security", args, {
+          stdio: ["ignore", "pipe", "ignore"],
+          encoding: "utf8",
+          timeout: 2e3
+        }).trim();
+        if (!raw) continue;
+        const token = extractClaudeAccessToken(JSON.parse(raw));
+        if (token) return token;
+      } catch {
+        continue;
+      }
+    }
+  }
+  return null;
+}
+function claudeKeychainServiceNames(configDir) {
+  if (!configDir) return ["Claude Code-credentials"];
+  const hash = (0, import_node_crypto.createHash)("sha256").update(configDir).digest("hex").slice(0, 8);
+  return [`Claude Code-credentials-${hash}`, "Claude Code-credentials"];
+}
+function extractClaudeAccessToken(value) {
+  if (!value || typeof value !== "object") return null;
+  const root = value;
+  const nested = root.claudeAiOauth;
+  const credentials = nested && typeof nested === "object" ? nested : root;
+  return typeof credentials.accessToken === "string" && credentials.accessToken ? credentials.accessToken : null;
+}
+function safeUsername() {
+  try {
+    return (0, import_node_os9.userInfo)().username?.trim() || void 0;
+  } catch {
+    return void 0;
+  }
+}
+
+// src/server/quota/adapters/glm.ts
+var import_node_fs11 = require("node:fs");
+var import_node_path11 = require("node:path");
+var import_node_os11 = require("node:os");
+
+// src/server/quota/credentialsFile.ts
+var import_node_fs10 = require("node:fs");
+var import_node_path10 = require("node:path");
+var import_node_os10 = require("node:os");
+function readStoredCredential(provider) {
+  try {
+    const path = (0, import_node_path10.join)((0, import_node_os10.homedir)(), ".tokendash", "credentials.json");
+    if (!(0, import_node_fs10.existsSync)(path)) return null;
+    const all = JSON.parse((0, import_node_fs10.readFileSync)(path, "utf8"));
+    const entry = all?.[provider];
+    if (entry && typeof entry === "object" && typeof entry.apiKey === "string") {
+      const apiKey = entry.apiKey;
+      if (!apiKey) return null;
+      const baseUrl = entry.baseUrl;
+      return { apiKey, baseUrl: typeof baseUrl === "string" ? baseUrl : void 0 };
+    }
+    return null;
+  } catch {
+    return null;
+  }
+}
+
+// src/server/quota/adapters/glm.ts
+var glmAdapter = {
+  provider: "glm",
+  displayName: "GLM Coding Plan",
+  async isConfigured() {
+    return !!resolveCredential();
+  },
+  async fetch(options) {
+    const cred = resolveCredential(options?.credential);
+    if (!cred) {
+      throw new QuotaError({ state: "not_configured", message: "set ZAI_API_KEY or ZHIPU_API_KEY" });
+    }
+    let data;
+    try {
+      data = await fetchJsonWithTimeout(`${cred.base}/api/monitor/usage/quota/limit`, {
+        headers: {
+          // GLM wants the raw key, NOT "Bearer <key>".
+          Authorization: cred.key,
+          "Accept-Language": "en-US,en",
+          "Content-Type": "application/json"
+        }
+      });
+    } catch (err) {
+      throw classifyFetchError2(err);
+    }
+    if (!data?.success && data?.code !== 200) {
+      throw new QuotaError({ state: "upstream_unavailable", message: data?.msg || "GLM quota request failed" });
+    }
+    const limits = data.data?.limits ?? [];
+    const windows = [];
+    const tokenLimits = limits.filter((l) => l.type === "TOKENS_LIMIT" && typeof l.percentage === "number").sort((a, b) => (a.nextResetTime ?? 0) - (b.nextResetTime ?? 0));
+    tokenLimits.forEach((l, i) => {
+      const isShort = i === 0;
+      windows.push(windowFromPercent(
+        isShort ? "glm_5h" : "glm_weekly",
+        isShort ? "5-Hour Window" : "Weekly",
+        l.percentage ?? 0,
+        { durationMins: isShort ? 300 : 10080, resetsAt: unixToIso(l.nextResetTime) }
+      ));
+    });
+    const timeLimit = limits.find((l) => l.type === "TIME_LIMIT");
+    if (timeLimit && typeof timeLimit.usage === "number") {
+      windows.push(windowFromCounts(
+        "glm_mcp_monthly",
+        "MCP \xB7 Monthly",
+        timeLimit.currentValue ?? 0,
+        timeLimit.usage
+      ));
+    }
+    const snap = baseSnapshot("glm", "GLM Coding Plan", {
+      planName: data.data?.level ? capitalize2(data.data.level) : void 0,
+      windows
+    });
+    return { ...snap, status: { state: "ok" } };
+  }
+};
+function classifyFetchError2(err) {
+  if (err instanceof HttpError) {
+    const c = classifyHttpError(err);
+    return new QuotaError(c);
+  }
+  const msg = err instanceof Error ? err.message : String(err);
+  return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
+}
+function resolveCredential(proposed) {
+  if (proposed?.apiKey) {
+    return {
+      key: proposed.apiKey,
+      base: proposed.baseUrl || "https://open.bigmodel.cn"
+    };
+  }
+  const stored = readStoredCredential("glm");
+  if (stored) return { key: stored.apiKey, base: stored.baseUrl || "https://open.bigmodel.cn" };
+  const zai = envOrConfig("ZAI_API_KEY");
+  if (zai) return { key: zai, base: envOrConfig("ZAI_BASE_URL") || "https://api.z.ai" };
+  const zhipu = envOrConfig("ZHIPU_API_KEY");
+  if (zhipu) return { key: zhipu, base: envOrConfig("ZHIPU_BASE_URL") || "https://open.bigmodel.cn" };
+  const anthropicBase = envOrConfig("ANTHROPIC_BASE_URL");
+  if (anthropicBase && isGlmHost(anthropicBase)) {
+    const origin = originOf(anthropicBase);
+    const token = envOrConfig("ANTHROPIC_AUTH_TOKEN") || envOrConfig("ANTHROPIC_API_KEY");
+    if (origin && token) return { key: token, base: origin };
+  }
+  return null;
+}
+function isGlmHost(url) {
+  const h = url.toLowerCase();
+  return h.includes("bigmodel.cn") || h.includes("z.ai");
+}
+function originOf(url) {
+  try {
+    const u = new URL(url);
+    return `${u.protocol}//${u.host}`;
+  } catch {
+    return null;
+  }
+}
+var claudeSettingsEnv;
+function envOrConfig(key) {
+  if (process.env[key]) return process.env[key];
+  if (claudeSettingsEnv === void 0) claudeSettingsEnv = loadClaudeSettingsEnv();
+  return claudeSettingsEnv?.[key];
+}
+function loadClaudeSettingsEnv() {
+  const configDir = process.env.CLAUDE_CONFIG_DIR || (0, import_node_path11.join)((0, import_node_os11.homedir)(), ".claude");
+  try {
+    const path = (0, import_node_path11.join)(configDir, "settings.json");
+    if (!(0, import_node_fs11.existsSync)(path)) return null;
+    const parsed = JSON.parse((0, import_node_fs11.readFileSync)(path, "utf8"));
+    return parsed?.env && typeof parsed.env === "object" ? parsed.env : null;
+  } catch {
+    return null;
+  }
+}
+function capitalize2(s) {
+  return s.charAt(0).toUpperCase() + s.slice(1);
+}
+
+// src/server/quota/adapters/minimax.ts
+var minimaxAdapter = {
+  provider: "minimax",
+  displayName: "MiniMax Coding Plan",
+  async isConfigured() {
+    return !!resolveCredential2();
+  },
+  async fetch(options) {
+    const cred = resolveCredential2(options?.credential);
+    if (!cred) {
+      throw new QuotaError({ state: "not_configured", message: "set MINIMAX_API_KEY (Subscription Key)" });
+    }
+    let data;
+    try {
+      data = await fetchJsonWithTimeout(`${cred.base}/v1/token_plan/remains`, {
+        headers: {
+          Authorization: `Bearer ${cred.key}`,
+          "Content-Type": "application/json"
+        }
+      });
+    } catch (err) {
+      throw classifyFetchError3(err);
+    }
+    if (data.base_resp?.status_code && data.base_resp.status_code !== 0) {
+      throw new QuotaError({
+        state: "upstream_unavailable",
+        message: data.base_resp.status_msg || `MiniMax error ${data.base_resp.status_code}`
+      });
+    }
+    const windows = [];
+    for (const m of data.model_remains ?? []) {
+      const model = m.model_name ?? "MiniMax";
+      const intervalTotal = m.current_interval_total_count ?? 0;
+      const intervalRemaining = m.current_interval_usage_count ?? 0;
+      if (intervalTotal > 0) {
+        windows.push(windowFromCounts(
+          `minimax_5h_${model}`,
+          `5-Hour \xB7 ${model}`,
+          Math.max(0, intervalTotal - intervalRemaining),
+          intervalTotal,
+          { durationMins: 300, resetsAt: unixToIso(m.end_time) }
+        ));
+      }
+      const weeklyTotal = m.current_weekly_total_count ?? 0;
+      const weeklyRemaining = m.current_weekly_usage_count ?? 0;
+      if (weeklyTotal > 0) {
+        windows.push(windowFromCounts(
+          `minimax_weekly_${model}`,
+          `Weekly \xB7 ${model}`,
+          Math.max(0, weeklyTotal - weeklyRemaining),
+          weeklyTotal,
+          { durationMins: 10080 }
+        ));
+      }
+    }
+    const snap = baseSnapshot("minimax", "MiniMax Coding Plan", { windows });
+    return { ...snap, status: { state: "ok" } };
+  }
+};
+function classifyFetchError3(err) {
+  if (err instanceof HttpError) {
+    const c = classifyHttpError(err);
+    return new QuotaError(c);
+  }
+  const msg = err instanceof Error ? err.message : String(err);
+  return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
+}
+function resolveCredential2(proposed) {
+  if (proposed?.apiKey) {
+    const region2 = (process.env.MINIMAX_REGION || "").toLowerCase();
+    const base2 = proposed.baseUrl || (region2 === "cn" ? "https://www.minimaxi.com" : "https://www.minimax.io");
+    return { key: proposed.apiKey, base: base2 };
+  }
+  const stored = readStoredCredential("minimax");
+  if (stored) {
+    const region2 = (process.env.MINIMAX_REGION || "").toLowerCase();
+    const base2 = stored.baseUrl || (region2 === "cn" ? "https://www.minimaxi.com" : "https://www.minimax.io");
+    return { key: stored.apiKey, base: base2 };
+  }
+  const key = process.env.MINIMAX_API_KEY || process.env.MINIMAX_SUBSCRIPTION_KEY;
+  if (!key) return null;
+  const region = (process.env.MINIMAX_REGION || "").toLowerCase();
+  const base = region === "cn" ? process.env.MINIMAX_BASE_URL || "https://www.minimaxi.com" : process.env.MINIMAX_BASE_URL || "https://www.minimax.io";
+  return { key, base };
+}
+
+// src/server/quota/adapters/kimi.ts
+var import_node_fs12 = require("node:fs");
+var import_node_path12 = require("node:path");
+var import_node_os12 = require("node:os");
+var KIMI_CLIENT_ID = "17e5f671-d194-4dfb-9706-5516cb48c098";
+var KIMI_BASE = "https://api.kimi.com/coding/v1";
+var KIMI_AUTH = "https://auth.kimi.com/api/oauth/token";
+var kimiAdapter = {
+  provider: "kimi",
+  displayName: "Kimi Code",
+  async isConfigured() {
+    const cred = readCredentials();
+    return !!cred && !!cred.access_token;
+  },
+  async fetch(options) {
+    const credPath = credentialsPath();
+    let cred = options?.credential?.apiKey ? { access_token: options.credential.apiKey, token_type: "Bearer" } : readCredentials();
+    if (!cred || !cred.access_token) {
+      throw new QuotaError({ state: "not_configured", message: "run `kimi` to log in first" });
+    }
+    const nowSec = Math.floor(Date.now() / 1e3);
+    if (cred.expires_at && cred.expires_at - nowSec < 300 && cred.refresh_token) {
+      cred = await refreshToken(credPath, cred.refresh_token).catch(() => cred);
+    }
+    let data;
+    try {
+      data = await fetchJsonWithTimeout(`${KIMI_BASE}/usages`, {
+        headers: {
+          Authorization: `Bearer ${cred.access_token}`,
+          Accept: "application/json"
+        }
+      });
+    } catch (err) {
+      throw classifyFetchError4(err);
+    }
+    const windows = [];
+    if (data.usage) {
+      const { used, limit } = toCounts(data.usage);
+      if (limit > 0) {
+        windows.push(windowFromCounts("kimi_weekly", "Weekly", used, limit, {
+          durationMins: 10080,
+          resetsAt: normalizeIso2(data.usage.resetTime)
+        }));
+      }
+    }
+    for (let i = 0; i < (data.limits?.length ?? 0); i++) {
+      const entry = data.limits[i];
+      const detail = entry?.detail;
+      if (!detail) continue;
+      const { used, limit } = toCounts(detail);
+      if (limit <= 0) continue;
+      const mins = minutesForWindow(entry?.window);
+      windows.push(windowFromCounts(`kimi_limit_${i}`, mins ? `${durationLabel2(mins)} Window` : `Window ${i + 1}`, used, limit, {
+        durationMins: mins,
+        resetsAt: normalizeIso2(detail.resetTime)
+      }));
+    }
+    const snap = baseSnapshot("kimi", "Kimi Code", {
+      planName: data.user?.membership?.level ? prettifyLevel(data.user.membership.level) : void 0,
+      windows
+    });
+    return { ...snap, status: { state: "ok" } };
+  }
+};
+function classifyFetchError4(err) {
+  if (err instanceof HttpError) {
+    const c = classifyHttpError(err);
+    return new QuotaError(c);
+  }
+  const msg = err instanceof Error ? err.message : String(err);
+  return new QuotaError({ state: "upstream_unavailable", message: msg.slice(0, 200) });
+}
+function toCounts(detail) {
+  const limit = toNumber(detail.limit);
+  const remaining = toNumber(detail.remaining);
+  if (limit <= 0) return { used: 0, limit: 0 };
+  return { used: Math.max(0, limit - remaining), limit };
+}
+function toNumber(v) {
+  if (v === void 0 || v === null) return 0;
+  const n = typeof v === "string" ? parseFloat(v) : v;
+  return Number.isFinite(n) ? n : 0;
+}
+function minutesForWindow(window) {
+  if (!window?.duration) return void 0;
+  const unit = (window.timeUnit || "").toUpperCase();
+  if (unit.includes("HOUR")) return window.duration * 60;
+  if (unit.includes("DAY")) return window.duration * 1440;
+  return window.duration;
+}
+function durationLabel2(mins) {
+  if (mins >= 10080) return "Weekly";
+  if (mins >= 1440) return `${Math.round(mins / 1440)}-Day`;
+  if (mins >= 60) return `${Math.round(mins / 60)}-Hour`;
+  return `${mins}m`;
+}
+function normalizeIso2(s) {
+  return s ? new Date(s).toISOString() : void 0;
+}
+function prettifyLevel(level) {
+  return level.replace(/^LEVEL_/, "").toLowerCase().replace(/(^|_)(\w)/g, (_, __, c) => " " + c.toUpperCase()).trim();
+}
+function kimiDataDir() {
+  return process.env.KIMI_DATA_DIR || (0, import_node_path12.join)((0, import_node_os12.homedir)(), ".kimi");
+}
+function credentialsPath() {
+  return (0, import_node_path12.join)(kimiDataDir(), "credentials", "kimi-code.json");
+}
+function readCredentials() {
+  const stored = readStoredCredential("kimi");
+  if (stored?.apiKey) {
+    return { access_token: stored.apiKey, token_type: "Bearer" };
+  }
+  const path = credentialsPath();
+  if (!(0, import_node_fs12.existsSync)(path)) return null;
+  try {
+    return JSON.parse((0, import_node_fs12.readFileSync)(path, "utf8"));
+  } catch {
+    return null;
+  }
+}
+async function refreshToken(credPath, refreshToken2) {
+  const body = new URLSearchParams({
+    client_id: KIMI_CLIENT_ID,
+    grant_type: "refresh_token",
+    refresh_token: refreshToken2
+  });
+  const res = await fetch(KIMI_AUTH, {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body
+  });
+  if (!res.ok) throw new Error(`token refresh failed: HTTP ${res.status}`);
+  const tokens = await res.json();
+  const updated = {
+    access_token: tokens.access_token,
+    refresh_token: tokens.refresh_token || refreshToken2,
+    expires_at: Math.floor(Date.now() / 1e3) + (tokens.expires_in ?? 3600),
+    token_type: tokens.token_type || "Bearer"
+  };
+  try {
+    (0, import_node_fs12.writeFileSync)(credPath, JSON.stringify(updated, null, 2), "utf8");
+  } catch {
+  }
+  return updated;
+}
+
+// src/server/quota/index.ts
+var registry = new QuotaAdapterRegistry();
+registry.register(claudeAdapter);
+registry.register(codexAdapter);
+registry.register(glmAdapter);
+registry.register(minimaxAdapter);
+registry.register(kimiAdapter);
+var quotaCache = new QuotaCache();
+var quotaService = new QuotaService(registry, quotaCache);
+
 // src/server/routes/api.ts
+async function getQuota(_req, res) {
+  const force = _req.query.refresh === "1" || _req.query.refresh === "true";
+  try {
+    const data = force ? await quotaService.refreshAll() : await quotaService.fetchAll();
+    res.json(data);
+  } catch (error) {
+    const message = error instanceof Error ? error.message : "Unknown error";
+    res.status(500).json({ error: "Failed to fetch quota", hint: message });
+  }
+}
+var editableQuotaProviders = /* @__PURE__ */ new Set(["glm", "kimi", "minimax"]);
+async function validateQuotaCredential(req, res) {
+  const provider = req.body?.provider;
+  const apiKey = typeof req.body?.apiKey === "string" ? req.body.apiKey.trim() : "";
+  const baseUrl = typeof req.body?.baseUrl === "string" ? req.body.baseUrl.trim() : void 0;
+  if (!editableQuotaProviders.has(provider) || !apiKey) {
+    res.status(400).json({
+      error: "Invalid credential request",
+      hint: "A supported provider and non-empty token are required."
+    });
+    return;
+  }
+  const result = await quotaService.validateCredential(provider, {
+    apiKey,
+    baseUrl: baseUrl || void 0
+  });
+  res.status(result.valid ? 200 : 422).json(result);
+}
 function getAgents(_req, res) {
   try {
     const agents = detectAvailableAgents();
@@ -2121,10 +3204,11 @@ function registerApiRoutes(router, appInfo) {
   router.get("/projects", getProjects);
   router.get("/blocks", getBlocks);
   router.get("/analytics", getAnalytics);
+  router.get("/quota", getQuota);
+  router.post("/quota/validate", validateQuotaCredential);
 }
 
 // src/server/index.ts
-var import_open = __toESM(require("open"), 1);
 var CLI_USAGE = [
   "Usage:",
   "  tokendash",
@@ -2135,16 +3219,16 @@ var CLI_USAGE = [
 var PACKAGE_NAME = "@zhangferry-dev/tokendash";
 function getPackageVersion() {
   const __filename = (0, import_node_url.fileURLToPath)(__esbuild_import_meta_url);
-  const __dirname = (0, import_node_path8.dirname)(__filename);
+  const __dirname = (0, import_node_path13.dirname)(__filename);
   const packageJsonPaths = [
-    (0, import_node_path8.join)(__dirname, "..", "..", "package.json"),
+    (0, import_node_path13.join)(__dirname, "..", "..", "package.json"),
     // dist/server/index.js
-    (0, import_node_path8.join)(__dirname, "..", "package.json")
-    // dist/electron-server.cjs
+    (0, import_node_path13.join)(__dirname, "..", "package.json")
+    // bundled server entrypoint
   ];
   for (const packageJsonPath of packageJsonPaths) {
-    if (!(0, import_node_fs8.existsSync)(packageJsonPath)) continue;
-    const packageJson = JSON.parse((0, import_node_fs8.readFileSync)(packageJsonPath, "utf8"));
+    if (!(0, import_node_fs13.existsSync)(packageJsonPath)) continue;
+    const packageJson = JSON.parse((0, import_node_fs13.readFileSync)(packageJsonPath, "utf8"));
     if (packageJson.version) return packageJson.version;
   }
   return "unknown";
@@ -2243,18 +3327,19 @@ async function listenWithPortFallback(app, preferredPort) {
   throw new Error(`Could not find an available port starting from ${preferredPort}`);
 }
 function resolveStaticAssetBaseDir(moduleUrl = __esbuild_import_meta_url, baseDir) {
-  if (baseDir) return { baseDir: (0, import_node_path8.resolve)(baseDir), isProduction: true };
-  const moduleDir = (0, import_node_path8.dirname)((0, import_node_url.fileURLToPath)(moduleUrl));
+  if (baseDir) return { baseDir: (0, import_node_path13.resolve)(baseDir), isProduction: true };
+  const moduleDir = (0, import_node_path13.dirname)((0, import_node_url.fileURLToPath)(moduleUrl));
   const isProduction = moduleUrl.includes("/dist/");
-  if (!isProduction) return { baseDir: (0, import_node_path8.resolve)(moduleDir), isProduction: false };
-  if ((0, import_node_path8.basename)(moduleDir) === "server") {
-    return { baseDir: (0, import_node_path8.resolve)((0, import_node_path8.dirname)(moduleDir)), isProduction: true };
+  if (!isProduction) return { baseDir: (0, import_node_path13.resolve)(moduleDir), isProduction: false };
+  if ((0, import_node_path13.basename)(moduleDir) === "server") {
+    return { baseDir: (0, import_node_path13.resolve)((0, import_node_path13.dirname)(moduleDir)), isProduction: true };
   }
-  return { baseDir: (0, import_node_path8.resolve)(moduleDir), isProduction: true };
+  return { baseDir: (0, import_node_path13.resolve)(moduleDir), isProduction: true };
 }
 function createApp(_port, baseDir) {
   const app = (0, import_express.default)();
   const router = import_express.default.Router();
+  app.use(import_express.default.json({ limit: "16kb" }));
   registerApiRoutes(router, {
     packageName: PACKAGE_NAME,
     version: getPackageVersion(),
@@ -2262,17 +3347,17 @@ function createApp(_port, baseDir) {
   });
   app.use("/api", router);
   const { baseDir: _baseDir, isProduction } = resolveStaticAssetBaseDir(__esbuild_import_meta_url, baseDir);
-  const popoverPath = isProduction ? (0, import_node_path8.join)(_baseDir, "client", "popover.html") : (0, import_node_path8.join)(_baseDir, "..", "..", "public", "popover.html");
+  const popoverPath = isProduction ? (0, import_node_path13.join)(_baseDir, "client", "popover.html") : (0, import_node_path13.join)(_baseDir, "..", "..", "public", "popover.html");
   app.get("/popover.html", (_req, res, next) => {
-    if (!(0, import_node_fs8.existsSync)(popoverPath)) {
+    if (!(0, import_node_fs13.existsSync)(popoverPath)) {
       next();
       return;
     }
-    res.type("html").send((0, import_node_fs8.readFileSync)(popoverPath, "utf8"));
+    res.type("html").send((0, import_node_fs13.readFileSync)(popoverPath, "utf8"));
   });
   if (isProduction) {
-    const clientPath = (0, import_node_path8.join)(_baseDir, "client");
-    const clientIndexPath = (0, import_node_path8.join)(clientPath, "index.html");
+    const clientPath = (0, import_node_path13.join)(_baseDir, "client");
+    const clientIndexPath = (0, import_node_path13.join)(clientPath, "index.html");
     app.use(import_express.default.static(clientPath));
     app.use("{*path}", (_req, res) => {
       res.sendFile(clientIndexPath);
@@ -2294,13 +3379,21 @@ async function main() {
       process.exit(1);
     }
     console.log(`Starting tokendash v${version} in tray mode...`);
-    const { default: electronPath } = await import("electron");
-    const { spawn } = await import("node:child_process");
-    const child = spawn(electronPath, ["."], {
+    const { spawn: spawn2 } = await import("node:child_process");
+    const { resolve: resolve2 } = await import("node:path");
+    const { existsSync: existsSync12 } = await import("node:fs");
+    const moduleDir = (0, import_node_path13.dirname)((0, import_node_url.fileURLToPath)(__esbuild_import_meta_url));
+    const packagedPath = resolve2(moduleDir, "..", "..", "TokenDashSwift", ".build", "debug", "TokenDash");
+    const devPath = resolve2(moduleDir, "..", "..", "TokenDashSwift", ".build", "debug", "TokenDash");
+    const swiftBin = existsSync12(packagedPath) ? packagedPath : devPath;
+    if (!existsSync12(swiftBin)) {
+      console.error('Error: TokenDash Swift binary not found. Run "npm run build:swift" first.');
+      process.exit(1);
+    }
+    const child = spawn2(swiftBin, [], {
       env: {
         ...process.env,
-        TOKENDASH_PORT: String(preferredPort),
-        TOKENDASH_TRAY: "1"
+        TOKENDASH_PORT: String(preferredPort)
       },
       stdio: "inherit"
     });
@@ -2329,11 +3422,14 @@ async function main() {
     console.log('Development mode - use "npm run dev" for full dev experience');
   }
   if (shouldOpenBrowser) {
-    setTimeout(() => {
+    setTimeout(async () => {
       console.log("Opening dashboard in your browser...");
-      (0, import_open.default)(`http://localhost:${port}`).catch((err) => {
+      try {
+        const { default: open } = await import("open");
+        await open(`http://localhost:${port}`);
+      } catch (err) {
         console.warn("Could not open browser:", err.message);
-      });
+      }
     }, 100);
   } else {
     console.log("Browser auto-open disabled (--no-open)");