agent-relay 1.0.21 → 1.1.0

package/dist/cloud/services/planLimits.js

@@ -0,0 +1,254 @@
+/**
+ * Plan Limits Service
+ *
+ * Defines resource limits for each plan tier and provides
+ * functions to check if users are within their limits.
+ */
+import { db, usageRecordsTable } from '../db/index.js';
+import { eq, and, gte, sql } from 'drizzle-orm';
+import { getDb } from '../db/drizzle.js';
+/**
+ * Plan limits configuration
+ *
+ * Free: Try it out on a side project
+ * Pro: Professional developers, coordinators enabled
+ * Team: Growing teams with advanced needs
+ * Enterprise: Unlimited everything
+ */
+export const PLAN_LIMITS = {
+    free: {
+        maxWorkspaces: 1,
+        maxRepos: 3,
+        maxConcurrentAgents: 2,
+        maxComputeHoursPerMonth: 10,
+        coordinatorsEnabled: false,
+    },
+    pro: {
+        maxWorkspaces: 5,
+        maxRepos: 20,
+        maxConcurrentAgents: 10,
+        maxComputeHoursPerMonth: 100,
+        coordinatorsEnabled: true,
+    },
+    team: {
+        maxWorkspaces: 20,
+        maxRepos: 100,
+        maxConcurrentAgents: 50,
+        maxComputeHoursPerMonth: 500,
+        coordinatorsEnabled: true,
+    },
+    enterprise: {
+        maxWorkspaces: Infinity,
+        maxRepos: Infinity,
+        maxConcurrentAgents: Infinity,
+        maxComputeHoursPerMonth: Infinity,
+        coordinatorsEnabled: true,
+    },
+};
+/**
+ * Get plan limits for a given plan type
+ */
+export function getPlanLimits(plan) {
+    return PLAN_LIMITS[plan];
+}
+/**
+ * Get current usage for a user
+ */
+export async function getUserUsage(userId) {
+    // Get workspace count
+    const workspaces = await db.workspaces.findByUserId(userId);
+    const workspaceCount = workspaces.length;
+    // Get repo count across all workspaces
+    let repoCount = 0;
+    for (const workspace of workspaces) {
+        const repos = await db.repositories.findByWorkspaceId(workspace.id);
+        repoCount += repos.length;
+    }
+    // Get concurrent agents (currently running)
+    // For now, we'll track this via usage_records with metric 'active_agents'
+    // In production, this would query the actual running agent count
+    const drizzleDb = getDb();
+    const activeAgentsResult = await drizzleDb
+        .select({ total: sql `COALESCE(MAX(${usageRecordsTable.value}), 0)` })
+        .from(usageRecordsTable)
+        .where(and(eq(usageRecordsTable.userId, userId), eq(usageRecordsTable.metric, 'active_agents')));
+    const concurrentAgents = Number(activeAgentsResult[0]?.total || 0);
+    // Get compute hours this month
+    const startOfMonth = new Date();
+    startOfMonth.setDate(1);
+    startOfMonth.setHours(0, 0, 0, 0);
+    const computeHoursResult = await drizzleDb
+        .select({ total: sql `COALESCE(SUM(${usageRecordsTable.value}), 0)` })
+        .from(usageRecordsTable)
+        .where(and(eq(usageRecordsTable.userId, userId), eq(usageRecordsTable.metric, 'compute_hours'), gte(usageRecordsTable.recordedAt, startOfMonth)));
+    const computeHoursThisMonth = Number(computeHoursResult[0]?.total || 0);
+    return {
+        workspaceCount,
+        repoCount,
+        concurrentAgents,
+        computeHoursThisMonth,
+    };
+}
+/**
+ * Check if user can create a new workspace
+ */
+export async function canCreateWorkspace(userId) {
+    const user = await db.users.findById(userId);
+    if (!user) {
+        return { allowed: false, reason: 'User not found' };
+    }
+    const plan = user.plan || 'free';
+    const limits = getPlanLimits(plan);
+    const usage = await getUserUsage(userId);
+    if (usage.workspaceCount >= limits.maxWorkspaces) {
+        return {
+            allowed: false,
+            reason: `Workspace limit reached for ${plan} plan`,
+            limit: limits.maxWorkspaces,
+            current: usage.workspaceCount,
+        };
+    }
+    return { allowed: true };
+}
+/**
+ * Check if user can add a new repo
+ */
+export async function canAddRepo(userId) {
+    const user = await db.users.findById(userId);
+    if (!user) {
+        return { allowed: false, reason: 'User not found' };
+    }
+    const plan = user.plan || 'free';
+    const limits = getPlanLimits(plan);
+    const usage = await getUserUsage(userId);
+    if (usage.repoCount >= limits.maxRepos) {
+        return {
+            allowed: false,
+            reason: `Repository limit reached for ${plan} plan`,
+            limit: limits.maxRepos,
+            current: usage.repoCount,
+        };
+    }
+    return { allowed: true };
+}
+/**
+ * Check if user can spawn another agent (concurrent agent limit)
+ */
+export async function canSpawnAgent(userId, currentRunningAgents) {
+    const user = await db.users.findById(userId);
+    if (!user) {
+        return { allowed: false, reason: 'User not found' };
+    }
+    const plan = user.plan || 'free';
+    const limits = getPlanLimits(plan);
+    // Use provided count or fetch from usage
+    let concurrentAgents;
+    if (currentRunningAgents !== undefined) {
+        concurrentAgents = currentRunningAgents;
+    }
+    else {
+        const usage = await getUserUsage(userId);
+        concurrentAgents = usage.concurrentAgents;
+    }
+    if (concurrentAgents >= limits.maxConcurrentAgents) {
+        return {
+            allowed: false,
+            reason: `Concurrent agent limit reached for ${plan} plan`,
+            limit: limits.maxConcurrentAgents,
+            current: concurrentAgents,
+        };
+    }
+    return { allowed: true };
+}
+/**
+ * Check if user can use coordinator agents
+ */
+export async function canUseCoordinator(userId) {
+    const user = await db.users.findById(userId);
+    if (!user) {
+        return { allowed: false, reason: 'User not found' };
+    }
+    const plan = user.plan || 'free';
+    const limits = getPlanLimits(plan);
+    if (!limits.coordinatorsEnabled) {
+        return {
+            allowed: false,
+            reason: 'Coordinator agents require a Pro plan or higher',
+            requiredPlan: 'pro',
+        };
+    }
+    return { allowed: true };
+}
+/**
+ * Check if user has compute hours available
+ */
+export async function hasComputeHoursAvailable(userId) {
+    const user = await db.users.findById(userId);
+    if (!user) {
+        return { available: false, reason: 'User not found' };
+    }
+    const plan = user.plan || 'free';
+    const limits = getPlanLimits(plan);
+    const usage = await getUserUsage(userId);
+    // Enterprise has unlimited
+    if (limits.maxComputeHoursPerMonth === Infinity) {
+        return { available: true };
+    }
+    if (usage.computeHoursThisMonth >= limits.maxComputeHoursPerMonth) {
+        return {
+            available: false,
+            reason: `Compute hours limit reached for ${plan} plan`,
+            limit: limits.maxComputeHoursPerMonth,
+            current: usage.computeHoursThisMonth,
+        };
+    }
+    return { available: true };
+}
+/**
+ * Get remaining quota for a user
+ */
+export async function getRemainingQuota(userId) {
+    const user = await db.users.findById(userId);
+    const plan = (user?.plan || 'free');
+    const limits = getPlanLimits(plan);
+    const usage = await getUserUsage(userId);
+    const calcRemaining = (limit, current) => limit === Infinity ? Infinity : Math.max(0, limit - current);
+    return {
+        plan,
+        limits,
+        usage,
+        remaining: {
+            workspaces: calcRemaining(limits.maxWorkspaces, usage.workspaceCount),
+            repos: calcRemaining(limits.maxRepos, usage.repoCount),
+            concurrentAgents: calcRemaining(limits.maxConcurrentAgents, usage.concurrentAgents),
+            computeHours: calcRemaining(limits.maxComputeHoursPerMonth, usage.computeHoursThisMonth),
+        },
+    };
+}
+/**
+ * Record compute usage
+ */
+export async function recordComputeUsage(userId, workspaceId, hours) {
+    const drizzleDb = getDb();
+    await drizzleDb.insert(usageRecordsTable).values({
+        userId,
+        workspaceId,
+        metric: 'compute_hours',
+        value: Math.round(hours * 100) / 100, // Round to 2 decimal places
+        recordedAt: new Date(),
+    });
+}
+/**
+ * Update active agent count for a user
+ */
+export async function updateActiveAgentCount(userId, workspaceId, count) {
+    const drizzleDb = getDb();
+    await drizzleDb.insert(usageRecordsTable).values({
+        userId,
+        workspaceId,
+        metric: 'active_agents',
+        value: count,
+        recordedAt: new Date(),
+    });
+}
+//# sourceMappingURL=planLimits.js.map

package/dist/cloud/services/planLimits.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"planLimits.js","sourceRoot":"","sources":["../../../src/cloud/services/planLimits.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,EAAE,EAAY,iBAAiB,EAAE,MAAM,gBAAgB,CAAC;AACjE,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAazC;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,WAAW,GAAiC;IACvD,IAAI,EAAE;QACJ,aAAa,EAAE,CAAC;QAChB,QAAQ,EAAE,CAAC;QACX,mBAAmB,EAAE,CAAC;QACtB,uBAAuB,EAAE,EAAE;QAC3B,mBAAmB,EAAE,KAAK;KAC3B;IACD,GAAG,EAAE;QACH,aAAa,EAAE,CAAC;QAChB,QAAQ,EAAE,EAAE;QACZ,mBAAmB,EAAE,EAAE;QACvB,uBAAuB,EAAE,GAAG;QAC5B,mBAAmB,EAAE,IAAI;KAC1B;IACD,IAAI,EAAE;QACJ,aAAa,EAAE,EAAE;QACjB,QAAQ,EAAE,GAAG;QACb,mBAAmB,EAAE,EAAE;QACvB,uBAAuB,EAAE,GAAG;QAC5B,mBAAmB,EAAE,IAAI;KAC1B;IACD,UAAU,EAAE;QACV,aAAa,EAAE,QAAQ;QACvB,QAAQ,EAAE,QAAQ;QAClB,mBAAmB,EAAE,QAAQ;QAC7B,uBAAuB,EAAE,QAAQ;QACjC,mBAAmB,EAAE,IAAI;KAC1B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,IAAc;IAC1C,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAYD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,MAAc;IAC/C,sBAAsB;IACtB,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IAC5D,MAAM,cAAc,GAAG,UAAU,CAAC,MAAM,CAAC;IAEzC,uCAAuC;IACvC,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,YAAY,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACpE,SAAS,IAAI,KAAK,CAAC,MAAM,CAAC;IAC5B,CAAC;IAED,4CAA4C;IAC5C,0EAA0E;IAC1E,iEAAiE;IACjE,MAAM,SAAS,GAAG,KAAK,EAAE,CAAC;IAC1B,MAAM,kBAAkB,GAAG,MAAM,SAAS;SACvC,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,CAAQ,gBAAgB,iBAAiB,CAAC,KAAK,OAAO,EAAE,CAAC;SAC5E,IAAI,CAAC,iBAAiB,CAAC;SACvB,KAAK,CACJ,GAAG,CACD,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,EACpC,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,eAAe,CAAC,CAC9C,CACF,CAAC;IACJ,MAAM,gBAAgB,GAAG,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;IAEnE,+BAA+B;IAC/B,MAAM,YAAY,GAAG,IAAI,IAAI,EAAE,CAAC;IAChC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACxB,YAAY,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;IAElC,MAAM,kBAAkB,GAAG,MAAM,SAAS;SACvC,MAAM,CAAC,EAAE,KAAK,EAAE,GAAG,CAAQ,gBAAgB,iBAAiB,CAAC,KAAK,OAAO,EAAE,CAAC;SAC5E,IAAI,CAAC,iBAAiB,CAAC;SACvB,KAAK,CACJ,GAAG,CACD,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,EACpC,EAAE,CAAC,iBAAiB,CAAC,MAAM,EAAE,eAAe,CAAC,EAC7C,GAAG,CAAC,iBAAiB,CAAC,UAAU,EAAE,YAAY,CAAC,CAChD,CACF,CAAC;IAEJ,MAAM,qBAAqB,GAAG,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;IAExE,OAAO;QACL,cAAc;QACd,SAAS;QACT,gBAAgB;QAChB,qBAAqB;KACtB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,MAAc;IAMrD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,IAAI,GAAI,IAAI,CAAC,IAAiB,IAAI,MAAM,CAAC;IAC/C,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC;IAEzC,IAAI,KAAK,CAAC,cAAc,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACjD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,+BAA+B,IAAI,OAAO;YAClD,KAAK,EAAE,MAAM,CAAC,aAAa;YAC3B,OAAO,EAAE,KAAK,CAAC,cAAc;SAC9B,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAc;IAM7C,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,IAAI,GAAI,IAAI,CAAC,IAAiB,IAAI,MAAM,CAAC;IAC/C,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC;IAEzC,IAAI,KAAK,CAAC,SAAS,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACvC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,gCAAgC,IAAI,OAAO;YACnD,KAAK,EAAE,MAAM,CAAC,QAAQ;YACtB,OAAO,EAAE,KAAK,CAAC,SAAS;SACzB,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,MAAc,EACd,oBAA6B;IAO7B,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,IAAI,GAAI,IAAI,CAAC,IAAiB,IAAI,MAAM,CAAC;IAC/C,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IAEnC,yCAAyC;IACzC,IAAI,gBAAwB,CAAC;IAC7B,IAAI,oBAAoB,KAAK,SAAS,EAAE,CAAC;QACvC,gBAAgB,GAAG,oBAAoB,CAAC;IAC1C,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC;QACzC,gBAAgB,GAAG,KAAK,CAAC,gBAAgB,CAAC;IAC5C,CAAC;IAED,IAAI,gBAAgB,IAAI,MAAM,CAAC,mBAAmB,EAAE,CAAC;QACnD,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,sCAAsC,IAAI,OAAO;YACzD,KAAK,EAAE,MAAM,CAAC,mBAAmB;YACjC,OAAO,EAAE,gBAAgB;SAC1B,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc;IAKpD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,IAAI,GAAI,IAAI,CAAC,IAAiB,IAAI,MAAM,CAAC;IAC/C,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IAEnC,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;QAChC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,iDAAiD;YACzD,YAAY,EAAE,KAAK;SACpB,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAAC,MAAc;IAM3D,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IACxD,CAAC;IAED,MAAM,IAAI,GAAI,IAAI,CAAC,IAAiB,IAAI,MAAM,CAAC;IAC/C,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC;IAEzC,2BAA2B;IAC3B,IAAI,MAAM,CAAC,uBAAuB,KAAK,QAAQ,EAAE,CAAC;QAChD,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;IAC7B,CAAC;IAED,IAAI,KAAK,CAAC,qBAAqB,IAAI,MAAM,CAAC,uBAAuB,EAAE,CAAC;QAClE,OAAO;YACL,SAAS,EAAE,KAAK;YAChB,MAAM,EAAE,mCAAmC,IAAI,OAAO;YACtD,KAAK,EAAE,MAAM,CAAC,uBAAuB;YACrC,OAAO,EAAE,KAAK,CAAC,qBAAqB;SACrC,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,MAAc;IAWpD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,CAAE,IAAI,EAAE,IAAiB,IAAI,MAAM,CAAa,CAAC;IAC9D,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,KAAK,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,CAAC;IAEzC,MAAM,aAAa,GAAG,CAAC,KAAa,EAAE,OAAe,EAAE,EAAE,CACvD,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC,CAAC;IAE/D,OAAO;QACL,IAAI;QACJ,MAAM;QACN,KAAK;QACL,SAAS,EAAE;YACT,UAAU,EAAE,aAAa,CAAC,MAAM,CAAC,aAAa,EAAE,KAAK,CAAC,cAAc,CAAC;YACrE,KAAK,EAAE,aAAa,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;YACtD,gBAAgB,EAAE,aAAa,CAAC,MAAM,CAAC,mBAAmB,EAAE,KAAK,CAAC,gBAAgB,CAAC;YACnF,YAAY,EAAE,aAAa,CAAC,MAAM,CAAC,uBAAuB,EAAE,KAAK,CAAC,qBAAqB,CAAC;SACzF;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAAc,EACd,WAAmB,EACnB,KAAa;IAEb,MAAM,SAAS,GAAG,KAAK,EAAE,CAAC;IAC1B,MAAM,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC;QAC/C,MAAM;QACN,WAAW;QACX,MAAM,EAAE,eAAe;QACvB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG,EAAE,4BAA4B;QAClE,UAAU,EAAE,IAAI,IAAI,EAAE;KACvB,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,MAAc,EACd,WAAmB,EACnB,KAAa;IAEb,MAAM,SAAS,GAAG,KAAK,EAAE,CAAC;IAC1B,MAAM,SAAS,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC,MAAM,CAAC;QAC/C,MAAM;QACN,WAAW;QACX,MAAM,EAAE,eAAe;QACvB,KAAK,EAAE,KAAK;QACZ,UAAU,EAAE,IAAI,IAAI,EAAE;KACvB,CAAC,CAAC;AACL,CAAC"}

package/dist/cloud/vault/index.d.ts

@@ -0,0 +1,76 @@
+/**
+ * Agent Relay Cloud - Credential Vault
+ *
+ * Secure storage for OAuth tokens with AES-256-GCM encryption.
+ */
+export interface StoredCredential {
+    userId: string;
+    provider: string;
+    accessToken: string;
+    refreshToken?: string;
+    tokenExpiresAt?: Date;
+    scopes?: string[];
+    providerAccountId?: string;
+    providerAccountEmail?: string;
+}
+export interface DecryptedCredential {
+    accessToken: string;
+    refreshToken?: string;
+    tokenExpiresAt?: Date;
+    scopes?: string[];
+    providerAccountId?: string;
+    providerAccountEmail?: string;
+}
+export declare class CredentialVault {
+    private masterKey;
+    constructor();
+    /**
+     * Encrypt a string value
+     */
+    private encrypt;
+    /**
+     * Decrypt a string value
+     */
+    private decrypt;
+    /**
+     * Store encrypted credential
+     */
+    storeCredential(credential: StoredCredential): Promise<void>;
+    /**
+     * Retrieve and decrypt credential
+     */
+    getCredential(userId: string, provider: string): Promise<DecryptedCredential | null>;
+    /**
+     * Get all credentials for a user (decrypted)
+     */
+    getUserCredentials(userId: string): Promise<Map<string, DecryptedCredential>>;
+    /**
+     * Update tokens (e.g., after refresh)
+     */
+    updateTokens(userId: string, provider: string, accessToken: string, refreshToken?: string, expiresAt?: Date): Promise<void>;
+    /**
+     * Delete credential
+     */
+    deleteCredential(userId: string, provider: string): Promise<void>;
+    /**
+     * Check if credential needs refresh (within 5 minutes of expiry)
+     */
+    needsRefresh(userId: string, provider: string): Promise<boolean>;
+    /**
+     * Refresh OAuth token for a provider
+     */
+    refreshToken(userId: string, provider: string): Promise<boolean>;
+}
+export declare function getVault(): CredentialVault;
+export declare const vault: {
+    readonly instance: CredentialVault;
+    storeCredential: (cred: StoredCredential) => Promise<void>;
+    getCredential: (userId: string, provider: string) => Promise<DecryptedCredential | null>;
+    getUserCredentials: (userId: string) => Promise<Map<string, DecryptedCredential>>;
+    updateTokens: (userId: string, provider: string, accessToken: string, refreshToken?: string, expiresAt?: Date) => Promise<void>;
+    deleteCredential: (userId: string, provider: string) => Promise<void>;
+    needsRefresh: (userId: string, provider: string) => Promise<boolean>;
+    refreshToken: (userId: string, provider: string) => Promise<boolean>;
+};
+export declare function generateMasterKey(): string;
+//# sourceMappingURL=index.d.ts.map

package/dist/cloud/vault/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/cloud/vault/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAUH,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,IAAI,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,cAAc,CAAC,EAAE,IAAI,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;CAC/B;AAED,qBAAa,eAAe;IAC1B,OAAO,CAAC,SAAS,CAAS;;IAW1B;;OAEG;IACH,OAAO,CAAC,OAAO;IAgBf;;OAEG;IACH,OAAO,CAAC,OAAO;IAkBf;;OAEG;IACG,eAAe,CAAC,UAAU,EAAE,gBAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAkBlE;;OAEG;IACG,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,mBAAmB,GAAG,IAAI,CAAC;IAkB1F;;OAEG;IACG,kBAAkB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC;IAoBnF;;OAEG;IACG,YAAY,CAChB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,EAChB,WAAW,EAAE,MAAM,EACnB,YAAY,CAAC,EAAE,MAAM,EACrB,SAAS,CAAC,EAAE,IAAI,GACf,OAAO,CAAC,IAAI,CAAC;IAehB;;OAEG;IACG,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIvE;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAUtE;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAuEvE;AAKD,wBAAgB,QAAQ,IAAI,eAAe,CAK1C;AAED,eAAO,MAAM,KAAK;;4BAIQ,gBAAgB;4BAChB,MAAM,YAAY,MAAM;iCAEnB,MAAM;2BAEzB,MAAM,YACJ,MAAM,eACH,MAAM,iBACJ,MAAM,cACT,IAAI;+BAES,MAAM,YAAY,MAAM;2BAE5B,MAAM,YAAY,MAAM;2BAExB,MAAM,YAAY,MAAM;CAEhD,CAAC;AAGF,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C"}

package/dist/cloud/vault/index.js

@@ -0,0 +1,219 @@
+/**
+ * Agent Relay Cloud - Credential Vault
+ *
+ * Secure storage for OAuth tokens with AES-256-GCM encryption.
+ */
+import crypto from 'crypto';
+import { getConfig } from '../config.js';
+import { db } from '../db/index.js';
+const ALGORITHM = 'aes-256-gcm';
+const IV_LENGTH = 12;
+const AUTH_TAG_LENGTH = 16;
+export class CredentialVault {
+    masterKey;
+    constructor() {
+        const config = getConfig();
+        this.masterKey = Buffer.from(config.vault.masterKey, 'base64');
+        if (this.masterKey.length !== 32) {
+            throw new Error('Vault master key must be 32 bytes (base64 encoded)');
+        }
+    }
+    /**
+     * Encrypt a string value
+     */
+    encrypt(plaintext) {
+        const iv = crypto.randomBytes(IV_LENGTH);
+        const cipher = crypto.createCipheriv(ALGORITHM, this.masterKey, iv);
+        const encrypted = Buffer.concat([
+            cipher.update(plaintext, 'utf8'),
+            cipher.final(),
+        ]);
+        const authTag = cipher.getAuthTag();
+        // Format: base64(iv + authTag + ciphertext)
+        const combined = Buffer.concat([iv, authTag, encrypted]);
+        return combined.toString('base64');
+    }
+    /**
+     * Decrypt a string value
+     */
+    decrypt(ciphertext) {
+        const combined = Buffer.from(ciphertext, 'base64');
+        const iv = combined.subarray(0, IV_LENGTH);
+        const authTag = combined.subarray(IV_LENGTH, IV_LENGTH + AUTH_TAG_LENGTH);
+        const encrypted = combined.subarray(IV_LENGTH + AUTH_TAG_LENGTH);
+        const decipher = crypto.createDecipheriv(ALGORITHM, this.masterKey, iv);
+        decipher.setAuthTag(authTag);
+        const decrypted = Buffer.concat([
+            decipher.update(encrypted),
+            decipher.final(),
+        ]);
+        return decrypted.toString('utf8');
+    }
+    /**
+     * Store encrypted credential
+     */
+    async storeCredential(credential) {
+        const encryptedAccessToken = this.encrypt(credential.accessToken);
+        const encryptedRefreshToken = credential.refreshToken
+            ? this.encrypt(credential.refreshToken)
+            : undefined;
+        await db.credentials.upsert({
+            userId: credential.userId,
+            provider: credential.provider,
+            accessToken: encryptedAccessToken,
+            refreshToken: encryptedRefreshToken,
+            tokenExpiresAt: credential.tokenExpiresAt,
+            scopes: credential.scopes,
+            providerAccountId: credential.providerAccountId,
+            providerAccountEmail: credential.providerAccountEmail,
+        });
+    }
+    /**
+     * Retrieve and decrypt credential
+     */
+    async getCredential(userId, provider) {
+        const credential = await db.credentials.findByUserAndProvider(userId, provider);
+        if (!credential) {
+            return null;
+        }
+        return {
+            accessToken: this.decrypt(credential.accessToken),
+            refreshToken: credential.refreshToken
+                ? this.decrypt(credential.refreshToken)
+                : undefined,
+            tokenExpiresAt: credential.tokenExpiresAt ?? undefined,
+            scopes: credential.scopes ?? undefined,
+            providerAccountId: credential.providerAccountId ?? undefined,
+            providerAccountEmail: credential.providerAccountEmail ?? undefined,
+        };
+    }
+    /**
+     * Get all credentials for a user (decrypted)
+     */
+    async getUserCredentials(userId) {
+        const credentials = await db.credentials.findByUserId(userId);
+        const result = new Map();
+        for (const cred of credentials) {
+            result.set(cred.provider, {
+                accessToken: this.decrypt(cred.accessToken),
+                refreshToken: cred.refreshToken
+                    ? this.decrypt(cred.refreshToken)
+                    : undefined,
+                tokenExpiresAt: cred.tokenExpiresAt ?? undefined,
+                scopes: cred.scopes ?? undefined,
+                providerAccountId: cred.providerAccountId ?? undefined,
+                providerAccountEmail: cred.providerAccountEmail ?? undefined,
+            });
+        }
+        return result;
+    }
+    /**
+     * Update tokens (e.g., after refresh)
+     */
+    async updateTokens(userId, provider, accessToken, refreshToken, expiresAt) {
+        const encryptedAccessToken = this.encrypt(accessToken);
+        const encryptedRefreshToken = refreshToken
+            ? this.encrypt(refreshToken)
+            : undefined;
+        await db.credentials.updateTokens(userId, provider, encryptedAccessToken, encryptedRefreshToken, expiresAt);
+    }
+    /**
+     * Delete credential
+     */
+    async deleteCredential(userId, provider) {
+        await db.credentials.delete(userId, provider);
+    }
+    /**
+     * Check if credential needs refresh (within 5 minutes of expiry)
+     */
+    async needsRefresh(userId, provider) {
+        const credential = await db.credentials.findByUserAndProvider(userId, provider);
+        if (!credential || !credential.tokenExpiresAt) {
+            return false;
+        }
+        const fiveMinutes = 5 * 60 * 1000;
+        return Date.now() > credential.tokenExpiresAt.getTime() - fiveMinutes;
+    }
+    /**
+     * Refresh OAuth token for a provider
+     */
+    async refreshToken(userId, provider) {
+        const credential = await this.getCredential(userId, provider);
+        if (!credential?.refreshToken) {
+            return false;
+        }
+        // Provider-specific refresh endpoints
+        const refreshEndpoints = {
+            anthropic: 'https://api.anthropic.com/oauth/token',
+            openai: 'https://auth.openai.com/oauth/token',
+            google: 'https://oauth2.googleapis.com/token',
+            github: 'https://github.com/login/oauth/access_token',
+        };
+        const endpoint = refreshEndpoints[provider];
+        if (!endpoint) {
+            console.error(`Unknown provider for refresh: ${provider}`);
+            return false;
+        }
+        try {
+            const config = getConfig();
+            const providerConfig = config.providers[provider];
+            const response = await fetch(endpoint, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                    Accept: 'application/json',
+                },
+                body: new URLSearchParams({
+                    grant_type: 'refresh_token',
+                    refresh_token: credential.refreshToken,
+                    client_id: providerConfig?.clientId || config.github.clientId,
+                    ...(provider === 'google' && {
+                        client_secret: providerConfig?.clientSecret,
+                    }),
+                    ...(provider === 'github' && {
+                        client_secret: config.github.clientSecret,
+                    }),
+                }),
+            });
+            if (!response.ok) {
+                const error = await response.text();
+                console.error(`Token refresh failed for ${provider}:`, error);
+                return false;
+            }
+            const data = await response.json();
+            await this.updateTokens(userId, provider, data.access_token, data.refresh_token, data.expires_in
+                ? new Date(Date.now() + data.expires_in * 1000)
+                : undefined);
+            return true;
+        }
+        catch (error) {
+            console.error(`Error refreshing token for ${provider}:`, error);
+            return false;
+        }
+    }
+}
+// Singleton instance
+let _vault = null;
+export function getVault() {
+    if (!_vault) {
+        _vault = new CredentialVault();
+    }
+    return _vault;
+}
+export const vault = {
+    get instance() {
+        return getVault();
+    },
+    storeCredential: (cred) => getVault().storeCredential(cred),
+    getCredential: (userId, provider) => getVault().getCredential(userId, provider),
+    getUserCredentials: (userId) => getVault().getUserCredentials(userId),
+    updateTokens: (userId, provider, accessToken, refreshToken, expiresAt) => getVault().updateTokens(userId, provider, accessToken, refreshToken, expiresAt),
+    deleteCredential: (userId, provider) => getVault().deleteCredential(userId, provider),
+    needsRefresh: (userId, provider) => getVault().needsRefresh(userId, provider),
+    refreshToken: (userId, provider) => getVault().refreshToken(userId, provider),
+};
+// Generate a new master key (for setup)
+export function generateMasterKey() {
+    return crypto.randomBytes(32).toString('base64');
+}
+//# sourceMappingURL=index.js.map

package/dist/cloud/vault/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/cloud/vault/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,EAAE,EAAE,MAAM,gBAAgB,CAAC;AAEpC,MAAM,SAAS,GAAG,aAAa,CAAC;AAChC,MAAM,SAAS,GAAG,EAAE,CAAC;AACrB,MAAM,eAAe,GAAG,EAAE,CAAC;AAsB3B,MAAM,OAAO,eAAe;IAClB,SAAS,CAAS;IAE1B;QACE,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,IAAI,CAAC,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;QAE/D,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,OAAO,CAAC,SAAiB;QAC/B,MAAM,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACzC,MAAM,MAAM,GAAG,MAAM,CAAC,cAAc,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAEpE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,MAAM,CAAC,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC;YAChC,MAAM,CAAC,KAAK,EAAE;SACf,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;QAEpC,4CAA4C;QAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC,CAAC;QACzD,OAAO,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACK,OAAO,CAAC,UAAkB;QAChC,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAEnD,MAAM,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,eAAe,CAAC,CAAC;QAC1E,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,CAAC,SAAS,GAAG,eAAe,CAAC,CAAC;QAEjE,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QACxE,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAE7B,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC9B,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC;YAC1B,QAAQ,CAAC,KAAK,EAAE;SACjB,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,UAA4B;QAChD,MAAM,oBAAoB,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAClE,MAAM,qBAAqB,GAAG,UAAU,CAAC,YAAY;YACnD,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC;YACvC,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC;YAC1B,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,WAAW,EAAE,oBAAoB;YACjC,YAAY,EAAE,qBAAqB;YACnC,cAAc,EAAE,UAAU,CAAC,cAAc;YACzC,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;YAC/C,oBAAoB,EAAE,UAAU,CAAC,oBAAoB;SACtD,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,MAAc,EAAE,QAAgB;QAClD,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,WAAW,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC;YACjD,YAAY,EAAE,UAAU,CAAC,YAAY;gBACnC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC;gBACvC,CAAC,CAAC,SAAS;YACb,cAAc,EAAE,UAAU,CAAC,cAAc,IAAI,SAAS;YACtD,MAAM,EAAE,UAAU,CAAC,MAAM,IAAI,SAAS;YACtC,iBAAiB,EAAE,UAAU,CAAC,iBAAiB,IAAI,SAAS;YAC5D,oBAAoB,EAAE,UAAU,CAAC,oBAAoB,IAAI,SAAS;SACnE,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAC,MAAc;QACrC,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,GAAG,EAA+B,CAAC;QAEtD,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE;gBACxB,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC;gBAC3C,YAAY,EAAE,IAAI,CAAC,YAAY;oBAC7B,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;oBACjC,CAAC,CAAC,SAAS;gBACb,cAAc,EAAE,IAAI,CAAC,cAAc,IAAI,SAAS;gBAChD,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,SAAS;gBAChC,iBAAiB,EAAE,IAAI,CAAC,iBAAiB,IAAI,SAAS;gBACtD,oBAAoB,EAAE,IAAI,CAAC,oBAAoB,IAAI,SAAS;aAC7D,CAAC,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,MAAc,EACd,QAAgB,EAChB,WAAmB,EACnB,YAAqB,EACrB,SAAgB;QAEhB,MAAM,oBAAoB,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACvD,MAAM,qBAAqB,GAAG,YAAY;YACxC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC;YAC5B,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,EAAE,CAAC,WAAW,CAAC,YAAY,CAC/B,MAAM,EACN,QAAQ,EACR,oBAAoB,EACpB,qBAAqB,EACrB,SAAS,CACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,QAAgB;QACrD,MAAM,EAAE,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc,EAAE,QAAgB;QACjD,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,WAAW,CAAC,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAChF,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,cAAc,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;QAClC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,UAAU,CAAC,cAAc,CAAC,OAAO,EAAE,GAAG,WAAW,CAAC;IACxE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,MAAc,EAAE,QAAgB;QACjD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC9D,IAAI,CAAC,UAAU,EAAE,YAAY,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,sCAAsC;QACtC,MAAM,gBAAgB,GAA2B;YAC/C,SAAS,EAAE,uCAAuC;YAClD,MAAM,EAAE,qCAAqC;YAC7C,MAAM,EAAE,qCAAqC;YAC7C,MAAM,EAAE,6CAA6C;SACtD,CAAC;QAEF,MAAM,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC5C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,KAAK,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;YAC3D,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,cAAc,GAAG,MAAM,CAAC,SAAS,CAAC,QAAyC,CAAC,CAAC;YAEnF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;gBACrC,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,mCAAmC;oBACnD,MAAM,EAAE,kBAAkB;iBAC3B;gBACD,IAAI,EAAE,IAAI,eAAe,CAAC;oBACxB,UAAU,EAAE,eAAe;oBAC3B,aAAa,EAAE,UAAU,CAAC,YAAY;oBACtC,SAAS,EAAG,cAAsB,EAAE,QAAQ,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ;oBACtE,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI;wBAC3B,aAAa,EAAG,cAAsB,EAAE,YAAY;qBACrD,CAAC;oBACF,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI;wBAC3B,aAAa,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY;qBAC1C,CAAC;iBACH,CAAC;aACH,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACpC,OAAO,CAAC,KAAK,CAAC,4BAA4B,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAC;gBAC9D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAI/B,CAAC;YAEF,MAAM,IAAI,CAAC,YAAY,CACrB,MAAM,EACN,QAAQ,EACR,IAAI,CAAC,YAAY,EACjB,IAAI,CAAC,aAAa,EAClB,IAAI,CAAC,UAAU;gBACb,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;gBAC/C,CAAC,CAAC,SAAS,CACd,CAAC;YAEF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,8BAA8B,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAC;YAChE,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF;AAED,qBAAqB;AACrB,IAAI,MAAM,GAA2B,IAAI,CAAC;AAE1C,MAAM,UAAU,QAAQ;IACtB,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IACjC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,MAAM,KAAK,GAAG;IACnB,IAAI,QAAQ;QACV,OAAO,QAAQ,EAAE,CAAC;IACpB,CAAC;IACD,eAAe,EAAE,CAAC,IAAsB,EAAE,EAAE,CAAC,QAAQ,EAAE,CAAC,eAAe,CAAC,IAAI,CAAC;IAC7E,aAAa,EAAE,CAAC,MAAc,EAAE,QAAgB,EAAE,EAAE,CAClD,QAAQ,EAAE,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC5C,kBAAkB,EAAE,CAAC,MAAc,EAAE,EAAE,CAAC,QAAQ,EAAE,CAAC,kBAAkB,CAAC,MAAM,CAAC;IAC7E,YAAY,EAAE,CACZ,MAAc,EACd,QAAgB,EAChB,WAAmB,EACnB,YAAqB,EACrB,SAAgB,EAChB,EAAE,CAAC,QAAQ,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,CAAC;IACpF,gBAAgB,EAAE,CAAC,MAAc,EAAE,QAAgB,EAAE,EAAE,CACrD,QAAQ,EAAE,CAAC,gBAAgB,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC/C,YAAY,EAAE,CAAC,MAAc,EAAE,QAAgB,EAAE,EAAE,CACjD,QAAQ,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC;IAC3C,YAAY,EAAE,CAAC,MAAc,EAAE,QAAgB,EAAE,EAAE,CACjD,QAAQ,EAAE,CAAC,YAAY,CAAC,MAAM,EAAE,QAAQ,CAAC;CAC5C,CAAC;AAEF,wCAAwC;AACxC,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC"}

package/dist/daemon/agent-manager.d.ts

@@ -0,0 +1,87 @@
+/**
+ * Agent Manager
+ * Manages agents across workspaces with integrated resiliency.
+ */
+import { EventEmitter } from 'events';
+import type { Agent, SpawnAgentRequest } from './types.js';
+export declare class AgentManager extends EventEmitter {
+    private agents;
+    private supervisor;
+    private dataDir;
+    private logsDir;
+    constructor(dataDir: string);
+    /**
+     * Spawn a new agent in a workspace
+     */
+    spawn(workspaceId: string, workspacePath: string, request: SpawnAgentRequest): Promise<Agent>;
+    /**
+     * Stop an agent
+     */
+    stop(agentId: string): Promise<boolean>;
+    /**
+     * Stop all agents in a workspace
+     */
+    stopAllInWorkspace(workspaceId: string): Promise<void>;
+    /**
+     * Stop all agents
+     */
+    stopAll(): Promise<void>;
+    /**
+     * Get an agent by ID
+     */
+    get(agentId: string): Agent | undefined;
+    /**
+     * Get all agents in a workspace
+     */
+    getByWorkspace(workspaceId: string): Agent[];
+    /**
+     * Get all agents
+     */
+    getAll(): Agent[];
+    /**
+     * Find agent by name in a workspace
+     */
+    findByName(workspaceId: string, name: string): Agent | undefined;
+    /**
+     * Get agent output/logs
+     */
+    getOutput(agentId: string, limit?: number): string[] | null;
+    /**
+     * Get raw output from agent
+     */
+    getRawOutput(agentId: string): string | null;
+    /**
+     * Send input to an agent
+     */
+    sendInput(agentId: string, input: string): boolean;
+    /**
+     * Restart an agent
+     */
+    private restartAgent;
+    /**
+     * Handle agent exit
+     */
+    private handleAgentExit;
+    /**
+     * Setup supervisor event handlers
+     */
+    private setupSupervisorEvents;
+    /**
+     * Get CLI command for provider
+     */
+    private getCliCommand;
+    /**
+     * Convert internal agent to public agent (without pty reference)
+     */
+    private toPublicAgent;
+    /**
+     * Emit a daemon event
+     */
+    private emitEvent;
+    /**
+     * Shutdown the agent manager
+     */
+    shutdown(): Promise<void>;
+}
+export declare function getAgentManager(dataDir?: string): AgentManager;
+//# sourceMappingURL=agent-manager.d.ts.map

package/dist/daemon/agent-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-manager.d.ts","sourceRoot":"","sources":["../../src/daemon/agent-manager.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAMtC,OAAO,KAAK,EACV,KAAK,EAGL,iBAAiB,EAClB,MAAM,YAAY,CAAC;AAYpB,qBAAa,YAAa,SAAQ,YAAY;IAC5C,OAAO,CAAC,MAAM,CAAmC;IACjD,OAAO,CAAC,UAAU,CAOf;IACH,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,OAAO,CAAS;gBAEZ,OAAO,EAAE,MAAM;IAmB3B;;OAEG;IACG,KAAK,CACT,WAAW,EAAE,MAAM,EACnB,aAAa,EAAE,MAAM,EACrB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,KAAK,CAAC;IA2HjB;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA2C7C;;OAEG;IACG,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAO5D;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAO9B;;OAEG;IACH,GAAG,CAAC,OAAO,EAAE,MAAM,GAAG,KAAK,GAAG,SAAS;IAKvC;;OAEG;IACH,cAAc,CAAC,WAAW,EAAE,MAAM,GAAG,KAAK,EAAE;IAM5C;;OAEG;IACH,MAAM,IAAI,KAAK,EAAE;IAIjB;;OAEG;IACH,UAAU,CAAC,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,KAAK,GAAG,SAAS;IAOhE;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,IAAI;IAM3D;;OAEG;IACH,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAM5C;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO;IAOlD;;OAEG;YACW,YAAY;IA0D1B;;OAEG;IACH,OAAO,CAAC,eAAe;IAmBvB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAmB7B;;OAEG;IACH,OAAO,CAAC,aAAa;IAarB;;OAEG;IACH,OAAO,CAAC,aAAa;IAgBrB;;OAEG;IACH,OAAO,CAAC,SAAS;IAIjB;;OAEG;IACG,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAKhC;AAID,wBAAgB,eAAe,CAAC,OAAO,CAAC,EAAE,MAAM,GAAG,YAAY,CAM9D"}