npm - agent-relay - Versions diffs - 1.2.0 → 1.3.0 - Mend

agent-relay 1.2.0 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (668) hide show

package/.gitattributes +3 -0
package/.nvmrc +1 -0
package/.trajectories/agent-relay-322-324.md +17 -0
package/.trajectories/completed/2026-01/traj_03zupyv1s7b9.json +49 -0
package/.trajectories/completed/2026-01/traj_03zupyv1s7b9.md +31 -0
package/.trajectories/completed/2026-01/traj_0zacdjl1g4ht.json +125 -0
package/.trajectories/completed/2026-01/traj_0zacdjl1g4ht.md +62 -0
package/.trajectories/completed/2026-01/traj_1dviorhnkcb5.json +65 -0
package/.trajectories/completed/2026-01/traj_1dviorhnkcb5.md +37 -0
package/.trajectories/completed/2026-01/traj_1k5if5snst2e.json +65 -0
package/.trajectories/completed/2026-01/traj_1k5if5snst2e.md +37 -0
package/.trajectories/completed/2026-01/traj_1rp3rges5811.json +49 -0
package/.trajectories/completed/2026-01/traj_1rp3rges5811.md +31 -0
package/.trajectories/completed/2026-01/traj_22bhyulruouw.json +113 -0
package/.trajectories/completed/2026-01/traj_22bhyulruouw.md +57 -0
package/.trajectories/completed/2026-01/traj_2dao7ddgnta0.json +53 -0
package/.trajectories/completed/2026-01/traj_2dao7ddgnta0.md +32 -0
package/.trajectories/completed/2026-01/traj_33iuy72sezbk.json +49 -0
package/.trajectories/completed/2026-01/traj_33iuy72sezbk.md +31 -0
package/.trajectories/completed/2026-01/traj_3t0440mjeunc.json +26 -0
package/.trajectories/completed/2026-01/traj_3t0440mjeunc.md +6 -0
package/.trajectories/completed/2026-01/traj_45x9494d9xnr.json +47 -0
package/.trajectories/completed/2026-01/traj_45x9494d9xnr.md +32 -0
package/.trajectories/completed/2026-01/traj_4aa0bb77s4nh.json +53 -0
package/.trajectories/completed/2026-01/traj_4aa0bb77s4nh.md +32 -0
package/.trajectories/completed/2026-01/traj_5ammh5qtvklq.json +77 -0
package/.trajectories/completed/2026-01/traj_5ammh5qtvklq.md +42 -0
package/.trajectories/completed/2026-01/traj_5lhmzq8rxpqv.json +59 -0
package/.trajectories/completed/2026-01/traj_5lhmzq8rxpqv.md +33 -0
package/.trajectories/completed/2026-01/traj_5vr4e9erb1fs.json +53 -0
package/.trajectories/completed/2026-01/traj_5vr4e9erb1fs.md +32 -0
package/.trajectories/completed/2026-01/traj_6fgiwdoklvym.json +48 -0
package/.trajectories/completed/2026-01/traj_6fgiwdoklvym.md +24 -0
package/.trajectories/completed/2026-01/traj_6mieijqyvaag.json +77 -0
package/.trajectories/completed/2026-01/traj_6mieijqyvaag.md +42 -0
package/.trajectories/completed/2026-01/traj_78ffm31jn3uk.json +77 -0
package/.trajectories/completed/2026-01/traj_78ffm31jn3uk.md +42 -0
package/.trajectories/completed/2026-01/traj_7ludwvz45veh.json +209 -0
package/.trajectories/completed/2026-01/traj_7ludwvz45veh.md +97 -0
package/.trajectories/completed/2026-01/traj_94gnp3k30goq.json +66 -0
package/.trajectories/completed/2026-01/traj_94gnp3k30goq.md +36 -0
package/.trajectories/completed/2026-01/traj_9921cuhel0pj.json +48 -0
package/.trajectories/completed/2026-01/traj_9921cuhel0pj.md +24 -0
package/.trajectories/completed/2026-01/traj_ajs7zqfux4wc.json +49 -0
package/.trajectories/completed/2026-01/traj_ajs7zqfux4wc.md +23 -0
package/.trajectories/completed/2026-01/traj_avqeghu6pz5a.json +40 -0
package/.trajectories/completed/2026-01/traj_avqeghu6pz5a.md +22 -0
package/.trajectories/completed/2026-01/traj_cvtqhlwcq9s0.json +53 -0
package/.trajectories/completed/2026-01/traj_cvtqhlwcq9s0.md +32 -0
package/.trajectories/completed/2026-01/traj_cxofprm2m2en.json +49 -0
package/.trajectories/completed/2026-01/traj_cxofprm2m2en.md +31 -0
package/.trajectories/completed/2026-01/traj_d2hhz3k0vrhn.json +26 -0
package/.trajectories/completed/2026-01/traj_d2hhz3k0vrhn.md +6 -0
package/.trajectories/completed/2026-01/traj_dcsp9s8y01ra.json +121 -0
package/.trajectories/completed/2026-01/traj_dcsp9s8y01ra.md +29 -0
package/.trajectories/completed/2026-01/traj_dfuvww9pege5.json +59 -0
package/.trajectories/completed/2026-01/traj_dfuvww9pege5.md +37 -0
package/.trajectories/completed/2026-01/traj_fhx9irlckht6.json +53 -0
package/.trajectories/completed/2026-01/traj_fhx9irlckht6.md +32 -0
package/.trajectories/completed/2026-01/traj_fqduidx3xbtp.json +101 -0
package/.trajectories/completed/2026-01/traj_fqduidx3xbtp.md +52 -0
package/.trajectories/completed/2026-01/traj_g0fisy9h51mf.json +77 -0
package/.trajectories/completed/2026-01/traj_g0fisy9h51mf.md +42 -0
package/.trajectories/completed/2026-01/traj_gjdre5voouod.json +53 -0
package/.trajectories/completed/2026-01/traj_gjdre5voouod.md +32 -0
package/.trajectories/completed/2026-01/traj_gtlyqtta3x8l.json +25 -0
package/.trajectories/completed/2026-01/traj_gtlyqtta3x8l.md +15 -0
package/.trajectories/completed/2026-01/traj_h4xijiuip3w4.json +101 -0
package/.trajectories/completed/2026-01/traj_h4xijiuip3w4.md +44 -0
package/.trajectories/completed/2026-01/traj_hf81ey93uz6t.json +49 -0
package/.trajectories/completed/2026-01/traj_hf81ey93uz6t.md +31 -0
package/.trajectories/completed/2026-01/traj_hfmki2jr9d4r.json +65 -0
package/.trajectories/completed/2026-01/traj_hfmki2jr9d4r.md +37 -0
package/.trajectories/completed/2026-01/traj_hhxte7w4gjjx.json +22 -0
package/.trajectories/completed/2026-01/traj_hhxte7w4gjjx.md +5 -0
package/.trajectories/completed/2026-01/traj_hpungyhoj6v5.json +53 -0
package/.trajectories/completed/2026-01/traj_hpungyhoj6v5.md +32 -0
package/.trajectories/completed/2026-01/traj_lq450ly148uw.json +49 -0
package/.trajectories/completed/2026-01/traj_lq450ly148uw.md +31 -0
package/.trajectories/completed/2026-01/traj_m2xkjv0w2sq7.json +25 -0
package/.trajectories/completed/2026-01/traj_m2xkjv0w2sq7.md +15 -0
package/.trajectories/completed/2026-01/traj_multi_server_arch.md +101 -0
package/.trajectories/completed/2026-01/traj_noq5zbvnrdvz.json +53 -0
package/.trajectories/completed/2026-01/traj_noq5zbvnrdvz.md +32 -0
package/.trajectories/completed/2026-01/traj_ntbs6ppopf46.json +53 -0
package/.trajectories/completed/2026-01/traj_ntbs6ppopf46.md +32 -0
package/.trajectories/completed/2026-01/traj_ozd98si6a7ns.json +48 -0
package/.trajectories/completed/2026-01/traj_ozd98si6a7ns.md +24 -0
package/.trajectories/completed/2026-01/traj_prdza7a5cxp5.json +53 -0
package/.trajectories/completed/2026-01/traj_prdza7a5cxp5.md +32 -0
package/.trajectories/completed/2026-01/traj_psd9ob0j2ru3.json +27 -0
package/.trajectories/completed/2026-01/traj_psd9ob0j2ru3.md +14 -0
package/.trajectories/completed/2026-01/traj_qb3twvvywfwi.json +77 -0
package/.trajectories/completed/2026-01/traj_qb3twvvywfwi.md +42 -0
package/.trajectories/completed/2026-01/traj_qft54mi7nfor.json +53 -0
package/.trajectories/completed/2026-01/traj_qft54mi7nfor.md +32 -0
package/.trajectories/completed/2026-01/traj_qx9uhf8whhxo.json +83 -0
package/.trajectories/completed/2026-01/traj_qx9uhf8whhxo.md +47 -0
package/.trajectories/completed/2026-01/traj_rd9toccj18a0.json +59 -0
package/.trajectories/completed/2026-01/traj_rd9toccj18a0.md +37 -0
package/.trajectories/completed/2026-01/traj_rt4fiw3ecp50.json +48 -0
package/.trajectories/completed/2026-01/traj_rt4fiw3ecp50.md +16 -0
package/.trajectories/completed/2026-01/traj_st8j35b0hrlc.json +59 -0
package/.trajectories/completed/2026-01/traj_st8j35b0hrlc.md +37 -0
package/.trajectories/completed/2026-01/traj_t1yy8m7hbuxp.json +53 -0
package/.trajectories/completed/2026-01/traj_t1yy8m7hbuxp.md +32 -0
package/.trajectories/completed/2026-01/traj_tmux_orchestrator_analysis.json +84 -0
package/.trajectories/completed/2026-01/traj_tmux_orchestrator_analysis.md +109 -0
package/.trajectories/completed/2026-01/traj_u9n9eqasw16k.json +53 -0
package/.trajectories/completed/2026-01/traj_u9n9eqasw16k.md +32 -0
package/.trajectories/completed/2026-01/traj_ub8csuv3lcv4.json +53 -0
package/.trajectories/completed/2026-01/traj_ub8csuv3lcv4.md +32 -0
package/.trajectories/completed/2026-01/traj_uc29tlso8i9s.json +186 -0
package/.trajectories/completed/2026-01/traj_uc29tlso8i9s.md +86 -0
package/.trajectories/completed/2026-01/traj_ui9b4tqxoa7j.json +77 -0
package/.trajectories/completed/2026-01/traj_ui9b4tqxoa7j.md +42 -0
package/.trajectories/completed/2026-01/traj_v87hypnongqx.json +71 -0
package/.trajectories/completed/2026-01/traj_v87hypnongqx.md +42 -0
package/.trajectories/completed/2026-01/traj_v9dkdoxylyid.json +89 -0
package/.trajectories/completed/2026-01/traj_v9dkdoxylyid.md +47 -0
package/.trajectories/completed/2026-01/traj_wkp2fgzdyinb.json +53 -0
package/.trajectories/completed/2026-01/traj_wkp2fgzdyinb.md +32 -0
package/.trajectories/completed/2026-01/traj_x14t8w8rn7xg.json +20 -0
package/.trajectories/completed/2026-01/traj_x14t8w8rn7xg.md +6 -0
package/.trajectories/completed/2026-01/traj_xnwbznkvv8ua.json +175 -0
package/.trajectories/completed/2026-01/traj_xnwbznkvv8ua.md +82 -0
package/.trajectories/completed/2026-01/traj_xy9vifpqet80.json +65 -0
package/.trajectories/completed/2026-01/traj_xy9vifpqet80.md +37 -0
package/.trajectories/completed/2026-01/traj_y7aiwijyfmmv.json +49 -0
package/.trajectories/completed/2026-01/traj_y7aiwijyfmmv.md +31 -0
package/.trajectories/completed/2026-01/traj_ysjc8zaeqtd3.json +47 -0
package/.trajectories/completed/2026-01/traj_ysjc8zaeqtd3.md +32 -0
package/.trajectories/completed/2026-01/traj_yvdadtvdgnz3.json +59 -0
package/.trajectories/completed/2026-01/traj_yvdadtvdgnz3.md +37 -0
package/.trajectories/completed/2026-01/traj_z0vcw1wrzide.json +53 -0
package/.trajectories/completed/2026-01/traj_z0vcw1wrzide.md +32 -0
package/.trajectories/consolidate-settings-panel.md +24 -0
package/.trajectories/gh-cli-user-token.md +26 -0
package/.trajectories/index.json +468 -0
package/ARCHITECTURE.md +1245 -0
package/TESTING.md +278 -0
package/deploy/init-db.sql +5 -0
package/deploy/scripts/setup-fly-workspaces.sh +69 -0
package/deploy/scripts/setup-railway.sh +75 -0
package/deploy/workspace/codex.config.toml +15 -0
package/deploy/workspace/entrypoint-browser.sh +118 -0
package/deploy/workspace/entrypoint.sh +508 -0
package/deploy/workspace/git-credential-relay +126 -0
package/dist/bridge/spawner.d.ts +7 -0
package/dist/bridge/spawner.js +40 -9
package/dist/bridge/types.d.ts +2 -0
package/dist/cli/index.js +260 -1
package/dist/cloud/api/admin.d.ts +8 -0
package/dist/cloud/api/admin.js +212 -0
package/dist/cloud/api/auth.js +8 -0
package/dist/cloud/api/billing.d.ts +0 -10
package/dist/cloud/api/billing.js +278 -67
package/dist/cloud/api/codex-auth-helper.d.ts +21 -0
package/dist/cloud/api/codex-auth-helper.js +307 -0
package/dist/cloud/api/coordinators.js +402 -0
package/dist/cloud/api/daemons.js +15 -11
package/dist/cloud/api/git.js +127 -19
package/dist/cloud/api/github-app.js +42 -8
package/dist/cloud/api/nango-auth.js +297 -16
package/dist/cloud/api/onboarding.js +112 -35
package/dist/cloud/api/providers.js +12 -16
package/dist/cloud/api/repos.d.ts +1 -0
package/dist/cloud/api/repos.js +311 -49
package/dist/cloud/api/test-helpers.js +40 -0
package/dist/cloud/api/usage.js +13 -0
package/dist/cloud/api/webhooks.d.ts +1 -0
package/dist/cloud/api/webhooks.js +149 -0
package/dist/cloud/api/workspaces.d.ts +18 -0
package/dist/cloud/api/workspaces.js +1042 -21
package/dist/cloud/billing/plans.js +19 -19
package/dist/cloud/config.d.ts +8 -0
package/dist/cloud/config.js +15 -0
package/dist/cloud/db/drizzle.d.ts +5 -2
package/dist/cloud/db/drizzle.js +27 -20
package/dist/cloud/db/schema.d.ts +19 -51
package/dist/cloud/db/schema.js +5 -4
package/dist/cloud/index.d.ts +0 -1
package/dist/cloud/index.js +0 -1
package/dist/cloud/provisioner/index.d.ts +125 -1
package/dist/cloud/provisioner/index.js +939 -53
package/dist/cloud/server.js +161 -16
package/dist/cloud/services/compute-enforcement.d.ts +57 -0
package/dist/cloud/services/compute-enforcement.js +175 -0
package/dist/cloud/services/index.d.ts +2 -0
package/dist/cloud/services/index.js +4 -0
package/dist/cloud/services/intro-expiration.d.ts +55 -0
package/dist/cloud/services/intro-expiration.js +211 -0
package/dist/cloud/services/nango.d.ts +74 -0
package/dist/cloud/services/nango.js +218 -5
package/dist/cloud/services/planLimits.d.ts +22 -0
package/dist/cloud/services/planLimits.js +58 -5
package/dist/cloud/services/ssh-security.d.ts +31 -0
package/dist/cloud/services/ssh-security.js +63 -0
package/dist/continuity/manager.d.ts +5 -0
package/dist/continuity/manager.js +56 -2
package/dist/daemon/api.d.ts +2 -0
package/dist/daemon/api.js +214 -5
package/dist/daemon/cli-auth.d.ts +13 -1
package/dist/daemon/cli-auth.js +166 -47
package/dist/daemon/connection.d.ts +7 -1
package/dist/daemon/connection.js +15 -0
package/dist/daemon/orchestrator.d.ts +2 -0
package/dist/daemon/orchestrator.js +26 -0
package/dist/daemon/repo-manager.d.ts +116 -0
package/dist/daemon/repo-manager.js +384 -0
package/dist/daemon/router.d.ts +60 -1
package/dist/daemon/router.js +281 -20
package/dist/daemon/user-directory.d.ts +111 -0
package/dist/daemon/user-directory.js +233 -0
package/dist/dashboard/out/404.html +1 -1
package/dist/dashboard/out/_next/static/T1tgCqVWHFIkV7ClEtzD7/_ssgManifest.js +1 -0
package/dist/dashboard/out/_next/static/chunks/532-bace199897eeab37.js +9 -0
package/dist/dashboard/out/_next/static/chunks/766-b54f0853794b78c3.js +1 -0
package/dist/dashboard/out/_next/static/chunks/83-b51836037078006c.js +1 -0
package/dist/dashboard/out/_next/static/chunks/891-6cd50de1224f70bb.js +1 -0
package/dist/dashboard/out/_next/static/chunks/899-bb19a9b3d9b39ea6.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/app/onboarding/page-8939b0fc700f7eca.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/app/page-5af1b6b439858aa6.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/metrics/page-ac39dc0cc3c26fa7.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/{page-daf87e86f783f980.js → page-4a5938c18a11a654.js} +1 -1
package/dist/dashboard/out/_next/static/chunks/app/providers/page-ac3a6ac433fd6001.js +1 -0
package/dist/dashboard/out/_next/static/chunks/app/providers/setup/[provider]/page-09f9caae98a18c09.js +1 -0
package/dist/dashboard/out/_next/static/chunks/{main-97850e03d723ea8c.js → main-2ee6beb2ae96d210.js} +1 -1
package/dist/dashboard/out/_next/static/css/85d2af9c7ac74d62.css +1 -0
package/dist/dashboard/out/_next/static/css/fe4b28883eeff359.css +1 -0
package/dist/dashboard/out/app/onboarding.html +1 -0
package/dist/dashboard/out/app/onboarding.txt +7 -0
package/dist/dashboard/out/app.html +1 -1
package/dist/dashboard/out/app.txt +3 -3
package/dist/dashboard/out/apple-icon.png +0 -0
package/dist/dashboard/out/connect-repos.html +1 -1
package/dist/dashboard/out/connect-repos.txt +3 -3
package/dist/dashboard/out/history.html +1 -1
package/dist/dashboard/out/history.txt +3 -3
package/dist/dashboard/out/index.html +1 -1
package/dist/dashboard/out/index.txt +3 -3
package/dist/dashboard/out/login.html +2 -2
package/dist/dashboard/out/login.txt +3 -3
package/dist/dashboard/out/metrics.html +1 -1
package/dist/dashboard/out/metrics.txt +3 -3
package/dist/dashboard/out/pricing.html +3 -3
package/dist/dashboard/out/pricing.txt +3 -3
package/dist/dashboard/out/providers/setup/claude.html +1 -0
package/dist/dashboard/out/providers/setup/claude.txt +8 -0
package/dist/dashboard/out/providers/setup/codex.html +1 -0
package/dist/dashboard/out/providers/setup/codex.txt +8 -0
package/dist/dashboard/out/providers.html +1 -1
package/dist/dashboard/out/providers.txt +3 -3
package/dist/dashboard/out/signup.html +2 -2
package/dist/dashboard/out/signup.txt +3 -3
package/dist/dashboard-server/server.js +316 -12
package/dist/dashboard-server/user-bridge.d.ts +103 -0
package/dist/dashboard-server/user-bridge.js +189 -0
package/dist/protocol/channels.d.ts +205 -0
package/dist/protocol/channels.js +154 -0
package/dist/protocol/types.d.ts +13 -1
package/dist/resiliency/provider-context.js +2 -0
package/dist/shared/cli-auth-config.d.ts +19 -0
package/dist/shared/cli-auth-config.js +58 -2
package/dist/utils/agent-config.js +1 -1
package/dist/wrapper/auth-detection.d.ts +49 -0
package/dist/wrapper/auth-detection.js +192 -0
package/dist/wrapper/base-wrapper.d.ts +153 -0
package/dist/wrapper/base-wrapper.js +393 -0
package/dist/wrapper/client.d.ts +7 -1
package/dist/wrapper/client.js +3 -0
package/dist/wrapper/index.d.ts +1 -0
package/dist/wrapper/index.js +4 -3
package/dist/wrapper/pty-wrapper.d.ts +62 -84
package/dist/wrapper/pty-wrapper.js +154 -180
package/dist/wrapper/tmux-wrapper.d.ts +41 -66
package/dist/wrapper/tmux-wrapper.js +90 -134
package/package.json +5 -12
package/scripts/postinstall.js +11 -155
package/scripts/test-interactive-terminal.sh +248 -0
package/test-push.txt +1 -0
package/bin/tmux +0 -0
package/dist/bridge/config.d.ts.map +0 -1
package/dist/bridge/config.js.map +0 -1
package/dist/bridge/index.d.ts.map +0 -1
package/dist/bridge/index.js.map +0 -1
package/dist/bridge/multi-project-client.d.ts.map +0 -1
package/dist/bridge/multi-project-client.js.map +0 -1
package/dist/bridge/shadow-cli.d.ts.map +0 -1
package/dist/bridge/shadow-cli.js.map +0 -1
package/dist/bridge/shadow-config.d.ts.map +0 -1
package/dist/bridge/shadow-config.js.map +0 -1
package/dist/bridge/spawner.d.ts.map +0 -1
package/dist/bridge/spawner.js.map +0 -1
package/dist/bridge/teams-config.d.ts.map +0 -1
package/dist/bridge/teams-config.js.map +0 -1
package/dist/bridge/types.d.ts.map +0 -1
package/dist/bridge/types.js.map +0 -1
package/dist/bridge/utils.d.ts.map +0 -1
package/dist/bridge/utils.js.map +0 -1
package/dist/cli/index.d.ts.map +0 -1
package/dist/cli/index.js.map +0 -1
package/dist/cloud/api/auth.d.ts.map +0 -1
package/dist/cloud/api/auth.js.map +0 -1
package/dist/cloud/api/billing.d.ts.map +0 -1
package/dist/cloud/api/billing.js.map +0 -1
package/dist/cloud/api/cli-pty-runner.d.ts.map +0 -1
package/dist/cloud/api/cli-pty-runner.js.map +0 -1
package/dist/cloud/api/coordinators.d.ts.map +0 -1
package/dist/cloud/api/coordinators.js.map +0 -1
package/dist/cloud/api/daemons.d.ts.map +0 -1
package/dist/cloud/api/daemons.js.map +0 -1
package/dist/cloud/api/generic-webhooks.d.ts.map +0 -1
package/dist/cloud/api/generic-webhooks.js.map +0 -1
package/dist/cloud/api/git.d.ts.map +0 -1
package/dist/cloud/api/git.js.map +0 -1
package/dist/cloud/api/github-app.d.ts.map +0 -1
package/dist/cloud/api/github-app.js.map +0 -1
package/dist/cloud/api/middleware/planLimits.d.ts.map +0 -1
package/dist/cloud/api/middleware/planLimits.js.map +0 -1
package/dist/cloud/api/monitoring.d.ts.map +0 -1
package/dist/cloud/api/monitoring.js.map +0 -1
package/dist/cloud/api/nango-auth.d.ts.map +0 -1
package/dist/cloud/api/nango-auth.js.map +0 -1
package/dist/cloud/api/onboarding.d.ts.map +0 -1
package/dist/cloud/api/onboarding.js.map +0 -1
package/dist/cloud/api/policy.d.ts.map +0 -1
package/dist/cloud/api/policy.js.map +0 -1
package/dist/cloud/api/providers.d.ts.map +0 -1
package/dist/cloud/api/providers.js.map +0 -1
package/dist/cloud/api/repos.d.ts.map +0 -1
package/dist/cloud/api/repos.js.map +0 -1
package/dist/cloud/api/teams.d.ts.map +0 -1
package/dist/cloud/api/teams.js.map +0 -1
package/dist/cloud/api/test-helpers.d.ts.map +0 -1
package/dist/cloud/api/test-helpers.js.map +0 -1
package/dist/cloud/api/usage.d.ts.map +0 -1
package/dist/cloud/api/usage.js.map +0 -1
package/dist/cloud/api/webhooks.d.ts.map +0 -1
package/dist/cloud/api/webhooks.js.map +0 -1
package/dist/cloud/api/workspaces.d.ts.map +0 -1
package/dist/cloud/api/workspaces.js.map +0 -1
package/dist/cloud/billing/index.d.ts.map +0 -1
package/dist/cloud/billing/index.js.map +0 -1
package/dist/cloud/billing/plans.d.ts.map +0 -1
package/dist/cloud/billing/plans.js.map +0 -1
package/dist/cloud/billing/service.d.ts.map +0 -1
package/dist/cloud/billing/service.js.map +0 -1
package/dist/cloud/billing/types.d.ts.map +0 -1
package/dist/cloud/billing/types.js.map +0 -1
package/dist/cloud/config.d.ts.map +0 -1
package/dist/cloud/config.js.map +0 -1
package/dist/cloud/db/drizzle.d.ts.map +0 -1
package/dist/cloud/db/drizzle.js.map +0 -1
package/dist/cloud/db/index.d.ts.map +0 -1
package/dist/cloud/db/index.js.map +0 -1
package/dist/cloud/db/schema.d.ts.map +0 -1
package/dist/cloud/db/schema.js.map +0 -1
package/dist/cloud/index.d.ts.map +0 -1
package/dist/cloud/index.js.map +0 -1
package/dist/cloud/provisioner/index.d.ts.map +0 -1
package/dist/cloud/provisioner/index.js.map +0 -1
package/dist/cloud/server.d.ts.map +0 -1
package/dist/cloud/server.js.map +0 -1
package/dist/cloud/services/auto-scaler.d.ts.map +0 -1
package/dist/cloud/services/auto-scaler.js.map +0 -1
package/dist/cloud/services/capacity-manager.d.ts.map +0 -1
package/dist/cloud/services/capacity-manager.js.map +0 -1
package/dist/cloud/services/ci-agent-spawner.d.ts.map +0 -1
package/dist/cloud/services/ci-agent-spawner.js.map +0 -1
package/dist/cloud/services/coordinator.d.ts.map +0 -1
package/dist/cloud/services/coordinator.js.map +0 -1
package/dist/cloud/services/index.d.ts.map +0 -1
package/dist/cloud/services/index.js.map +0 -1
package/dist/cloud/services/mention-handler.d.ts.map +0 -1
package/dist/cloud/services/mention-handler.js.map +0 -1
package/dist/cloud/services/nango.d.ts.map +0 -1
package/dist/cloud/services/nango.js.map +0 -1
package/dist/cloud/services/persistence.d.ts.map +0 -1
package/dist/cloud/services/persistence.js.map +0 -1
package/dist/cloud/services/planLimits.d.ts.map +0 -1
package/dist/cloud/services/planLimits.js.map +0 -1
package/dist/cloud/services/scaling-orchestrator.d.ts.map +0 -1
package/dist/cloud/services/scaling-orchestrator.js.map +0 -1
package/dist/cloud/services/scaling-policy.d.ts.map +0 -1
package/dist/cloud/services/scaling-policy.js.map +0 -1
package/dist/cloud/vault/index.d.ts +0 -76
package/dist/cloud/vault/index.d.ts.map +0 -1
package/dist/cloud/vault/index.js +0 -219
package/dist/cloud/vault/index.js.map +0 -1
package/dist/cloud/webhooks/index.d.ts.map +0 -1
package/dist/cloud/webhooks/index.js.map +0 -1
package/dist/cloud/webhooks/parsers/github.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/github.js.map +0 -1
package/dist/cloud/webhooks/parsers/index.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/index.js.map +0 -1
package/dist/cloud/webhooks/parsers/linear.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/linear.js.map +0 -1
package/dist/cloud/webhooks/parsers/slack.d.ts.map +0 -1
package/dist/cloud/webhooks/parsers/slack.js.map +0 -1
package/dist/cloud/webhooks/responders/github.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/github.js.map +0 -1
package/dist/cloud/webhooks/responders/index.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/index.js.map +0 -1
package/dist/cloud/webhooks/responders/linear.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/linear.js.map +0 -1
package/dist/cloud/webhooks/responders/slack.d.ts.map +0 -1
package/dist/cloud/webhooks/responders/slack.js.map +0 -1
package/dist/cloud/webhooks/router.d.ts.map +0 -1
package/dist/cloud/webhooks/router.js.map +0 -1
package/dist/cloud/webhooks/rules-engine.d.ts.map +0 -1
package/dist/cloud/webhooks/rules-engine.js.map +0 -1
package/dist/cloud/webhooks/types.d.ts.map +0 -1
package/dist/cloud/webhooks/types.js.map +0 -1
package/dist/continuity/formatter.d.ts.map +0 -1
package/dist/continuity/formatter.js.map +0 -1
package/dist/continuity/handoff-store.d.ts.map +0 -1
package/dist/continuity/handoff-store.js.map +0 -1
package/dist/continuity/index.d.ts.map +0 -1
package/dist/continuity/index.js.map +0 -1
package/dist/continuity/ledger-store.d.ts.map +0 -1
package/dist/continuity/ledger-store.js.map +0 -1
package/dist/continuity/manager.d.ts.map +0 -1
package/dist/continuity/manager.js.map +0 -1
package/dist/continuity/parser.d.ts.map +0 -1
package/dist/continuity/parser.js.map +0 -1
package/dist/continuity/types.d.ts.map +0 -1
package/dist/continuity/types.js.map +0 -1
package/dist/daemon/agent-manager.d.ts.map +0 -1
package/dist/daemon/agent-manager.js.map +0 -1
package/dist/daemon/agent-registry.d.ts.map +0 -1
package/dist/daemon/agent-registry.js.map +0 -1
package/dist/daemon/api.d.ts.map +0 -1
package/dist/daemon/api.js.map +0 -1
package/dist/daemon/auth.d.ts.map +0 -1
package/dist/daemon/auth.js.map +0 -1
package/dist/daemon/cli-auth.d.ts.map +0 -1
package/dist/daemon/cli-auth.js.map +0 -1
package/dist/daemon/cloud-sync.d.ts.map +0 -1
package/dist/daemon/cloud-sync.js.map +0 -1
package/dist/daemon/connection.d.ts.map +0 -1
package/dist/daemon/connection.js.map +0 -1
package/dist/daemon/index.d.ts.map +0 -1
package/dist/daemon/index.js.map +0 -1
package/dist/daemon/orchestrator.d.ts.map +0 -1
package/dist/daemon/orchestrator.js.map +0 -1
package/dist/daemon/registry.d.ts.map +0 -1
package/dist/daemon/registry.js.map +0 -1
package/dist/daemon/router.d.ts.map +0 -1
package/dist/daemon/router.js.map +0 -1
package/dist/daemon/server.d.ts.map +0 -1
package/dist/daemon/server.js.map +0 -1
package/dist/daemon/services/browser-testing.d.ts.map +0 -1
package/dist/daemon/services/browser-testing.js.map +0 -1
package/dist/daemon/services/container-spawner.d.ts.map +0 -1
package/dist/daemon/services/container-spawner.js.map +0 -1
package/dist/daemon/types.d.ts.map +0 -1
package/dist/daemon/types.js.map +0 -1
package/dist/daemon/workspace-manager.d.ts.map +0 -1
package/dist/daemon/workspace-manager.js.map +0 -1
package/dist/dashboard/out/_next/static/H5aWG0udPB4iOUIl_gytz/_ssgManifest.js +0 -1
package/dist/dashboard/out/_next/static/chunks/480-2d4111711d4e473c.js +0 -1
package/dist/dashboard/out/_next/static/chunks/724-73c1ee5f60abe860.js +0 -9
package/dist/dashboard/out/_next/static/chunks/766-c3a14283c88d815b.js +0 -1
package/dist/dashboard/out/_next/static/chunks/app/app/page-7120be68bea622f3.js +0 -1
package/dist/dashboard/out/_next/static/chunks/app/metrics/page-1081dd190a331a91.js +0 -1
package/dist/dashboard/out/_next/static/chunks/app/providers/page-b68a681526eb145e.js +0 -1
package/dist/dashboard/out/_next/static/css/29852f26181969a0.css +0 -1
package/dist/dashboard/out/_next/static/css/411ce23ffeae9f76.css +0 -1
package/dist/dashboard-server/metrics.d.ts.map +0 -1
package/dist/dashboard-server/metrics.js.map +0 -1
package/dist/dashboard-server/needs-attention.d.ts.map +0 -1
package/dist/dashboard-server/needs-attention.js.map +0 -1
package/dist/dashboard-server/server.d.ts.map +0 -1
package/dist/dashboard-server/server.js.map +0 -1
package/dist/dashboard-server/start.d.ts.map +0 -1
package/dist/dashboard-server/start.js.map +0 -1
package/dist/hooks/emitter.d.ts.map +0 -1
package/dist/hooks/emitter.js.map +0 -1
package/dist/hooks/inbox-check/hook.d.ts.map +0 -1
package/dist/hooks/inbox-check/hook.js.map +0 -1
package/dist/hooks/inbox-check/index.d.ts.map +0 -1
package/dist/hooks/inbox-check/index.js.map +0 -1
package/dist/hooks/inbox-check/types.d.ts.map +0 -1
package/dist/hooks/inbox-check/types.js.map +0 -1
package/dist/hooks/inbox-check/utils.d.ts.map +0 -1
package/dist/hooks/inbox-check/utils.js.map +0 -1
package/dist/hooks/index.d.ts.map +0 -1
package/dist/hooks/index.js.map +0 -1
package/dist/hooks/registry.d.ts.map +0 -1
package/dist/hooks/registry.js.map +0 -1
package/dist/hooks/trajectory-hooks.d.ts.map +0 -1
package/dist/hooks/trajectory-hooks.js.map +0 -1
package/dist/hooks/types.d.ts.map +0 -1
package/dist/hooks/types.js.map +0 -1
package/dist/index.d.ts.map +0 -1
package/dist/index.js.map +0 -1
package/dist/memory/adapters/index.d.ts.map +0 -1
package/dist/memory/adapters/index.js.map +0 -1
package/dist/memory/adapters/inmemory.d.ts.map +0 -1
package/dist/memory/adapters/inmemory.js.map +0 -1
package/dist/memory/adapters/supermemory.d.ts.map +0 -1
package/dist/memory/adapters/supermemory.js.map +0 -1
package/dist/memory/factory.d.ts.map +0 -1
package/dist/memory/factory.js.map +0 -1
package/dist/memory/index.d.ts.map +0 -1
package/dist/memory/index.js.map +0 -1
package/dist/memory/memory-hooks.d.ts.map +0 -1
package/dist/memory/memory-hooks.js.map +0 -1
package/dist/memory/service.d.ts.map +0 -1
package/dist/memory/service.js.map +0 -1
package/dist/memory/types.d.ts.map +0 -1
package/dist/memory/types.js.map +0 -1
package/dist/policy/agent-policy.d.ts.map +0 -1
package/dist/policy/agent-policy.js.map +0 -1
package/dist/policy/cloud-policy-fetcher.d.ts.map +0 -1
package/dist/policy/cloud-policy-fetcher.js.map +0 -1
package/dist/protocol/framing.d.ts.map +0 -1
package/dist/protocol/framing.js.map +0 -1
package/dist/protocol/index.d.ts.map +0 -1
package/dist/protocol/index.js.map +0 -1
package/dist/protocol/types.d.ts.map +0 -1
package/dist/protocol/types.js.map +0 -1
package/dist/resiliency/context-persistence.d.ts.map +0 -1
package/dist/resiliency/context-persistence.js.map +0 -1
package/dist/resiliency/crash-insights.d.ts.map +0 -1
package/dist/resiliency/crash-insights.js.map +0 -1
package/dist/resiliency/gossip-health.d.ts.map +0 -1
package/dist/resiliency/gossip-health.js.map +0 -1
package/dist/resiliency/health-monitor.d.ts.map +0 -1
package/dist/resiliency/health-monitor.js.map +0 -1
package/dist/resiliency/index.d.ts.map +0 -1
package/dist/resiliency/index.js.map +0 -1
package/dist/resiliency/leader-watchdog.d.ts.map +0 -1
package/dist/resiliency/leader-watchdog.js.map +0 -1
package/dist/resiliency/logger.d.ts.map +0 -1
package/dist/resiliency/logger.js.map +0 -1
package/dist/resiliency/memory-monitor.d.ts.map +0 -1
package/dist/resiliency/memory-monitor.js.map +0 -1
package/dist/resiliency/metrics.d.ts.map +0 -1
package/dist/resiliency/metrics.js.map +0 -1
package/dist/resiliency/provider-context.d.ts.map +0 -1
package/dist/resiliency/provider-context.js.map +0 -1
package/dist/resiliency/stateless-lead.d.ts.map +0 -1
package/dist/resiliency/stateless-lead.js.map +0 -1
package/dist/resiliency/supervisor.d.ts.map +0 -1
package/dist/resiliency/supervisor.js.map +0 -1
package/dist/shared/cli-auth-config.d.ts.map +0 -1
package/dist/shared/cli-auth-config.js.map +0 -1
package/dist/state/agent-state.d.ts.map +0 -1
package/dist/state/agent-state.js.map +0 -1
package/dist/storage/adapter.d.ts.map +0 -1
package/dist/storage/adapter.js.map +0 -1
package/dist/storage/sqlite-adapter.d.ts.map +0 -1
package/dist/storage/sqlite-adapter.js.map +0 -1
package/dist/trajectory/config.d.ts.map +0 -1
package/dist/trajectory/config.js.map +0 -1
package/dist/trajectory/index.d.ts.map +0 -1
package/dist/trajectory/index.js.map +0 -1
package/dist/trajectory/integration.d.ts.map +0 -1
package/dist/trajectory/integration.js.map +0 -1
package/dist/utils/agent-config.d.ts.map +0 -1
package/dist/utils/agent-config.js.map +0 -1
package/dist/utils/command-resolver.d.ts.map +0 -1
package/dist/utils/command-resolver.js.map +0 -1
package/dist/utils/index.d.ts.map +0 -1
package/dist/utils/index.js.map +0 -1
package/dist/utils/logger.d.ts.map +0 -1
package/dist/utils/logger.js.map +0 -1
package/dist/utils/name-generator.d.ts.map +0 -1
package/dist/utils/name-generator.js.map +0 -1
package/dist/utils/project-namespace.d.ts.map +0 -1
package/dist/utils/project-namespace.js.map +0 -1
package/dist/utils/tmux-resolver.d.ts.map +0 -1
package/dist/utils/tmux-resolver.js.map +0 -1
package/dist/utils/update-checker.d.ts.map +0 -1
package/dist/utils/update-checker.js.map +0 -1
package/dist/wrapper/client.d.ts.map +0 -1
package/dist/wrapper/client.js.map +0 -1
package/dist/wrapper/inbox.d.ts.map +0 -1
package/dist/wrapper/inbox.js.map +0 -1
package/dist/wrapper/index.d.ts.map +0 -1
package/dist/wrapper/index.js.map +0 -1
package/dist/wrapper/parser.d.ts.map +0 -1
package/dist/wrapper/parser.js.map +0 -1
package/dist/wrapper/pty-wrapper.d.ts.map +0 -1
package/dist/wrapper/pty-wrapper.js.map +0 -1
package/dist/wrapper/shared.d.ts.map +0 -1
package/dist/wrapper/shared.js.map +0 -1
package/dist/wrapper/tmux-wrapper.d.ts.map +0 -1
package/dist/wrapper/tmux-wrapper.js.map +0 -1
package/docs/AGENTS.md +0 -513
package/docs/ARCHITECTURE_DECISIONS.md +0 -175
package/docs/CLOUD-ARCHITECTURE.md +0 -804
package/docs/CLOUD-ONBOARDING-DESIGN.md +0 -1983
package/docs/CONTRIBUTING.md +0 -151
package/docs/HOOKS_API.md +0 -394
package/docs/INTEGRATION-GUIDE.md +0 -926
package/docs/PROTOCOL.md +0 -325
package/docs/WRAPPER_EVENTS.md +0 -358
package/docs/agent-policy-snippet.md +0 -40
package/docs/agent-relay-protocol.md +0 -238
package/docs/agent-relay-snippet.md +0 -174
package/docs/archive/CHANGELOG.md +0 -11
package/docs/archive/CLI-SIMPLIFICATION-COMPLETE.md +0 -48
package/docs/archive/DESIGN_BRIDGE_STAFFING.md +0 -878
package/docs/archive/DESIGN_V2.md +0 -1079
package/docs/archive/EXECUTIVE_SUMMARY.md +0 -358
package/docs/archive/MONETIZATION.md +0 -1679
package/docs/archive/PROPOSAL-trajectories.md +0 -1582
package/docs/archive/ROADMAP.md +0 -329
package/docs/archive/SCALING_ANALYSIS.md +0 -280
package/docs/archive/TESTING_PRESENCE_FEATURES.md +0 -327
package/docs/archive/TMUX_IMPLEMENTATION_NOTES.md +0 -364
package/docs/archive/TMUX_IMPROVEMENTS.md +0 -968
package/docs/archive/dashboard-v2-plan.md +0 -179
package/docs/archive/removable-code-analysis.md +0 -24
package/docs/competitive/GASTOWN.md +0 -451
package/docs/competitive/MCP_AGENT_MAIL.md +0 -389
package/docs/competitive/OVERVIEW.md +0 -898
package/docs/competitive/README.md +0 -34
package/docs/competitive/TMUX_ORCHESTRATOR.md +0 -605
package/docs/dashboard.png +0 -0
package/docs/design/ci-failure-webhooks.md +0 -812
package/docs/design/comprehensive-integrations.md +0 -238
package/docs/design/e2b-sandbox-integration.md +0 -504
package/docs/design/github-app-permissions.md +0 -264
package/docs/guides/CLOUD.md +0 -236
package/docs/guides/LOCAL.md +0 -535
package/docs/guides/SELF-HOSTED.md +0 -494
package/docs/local-testing.md +0 -428
package/docs/proposals/continuous-claude-integration.md +0 -622
package/docs/proposals/custom-commands.md +0 -368
package/docs/proposals/shadow-as-subagent.md +0 -765
package/docs/proposals/slack-bot-integration.md +0 -1457
package/docs/tasks/global-skills-system.tasks.md +0 -230
package/docs/tasks/webhook-integrations.tasks.md +0 -184
package/docs/tasks/workspace-capabilities.tasks.md +0 -121
package/docs/testing/RESILIENCY-TEST-PLAN-2026-01-01.md +0 -366
package/scripts/cloud-setup.sh +0 -96
package/scripts/dev/PUBLIC_RELEASE_PLAN.md +0 -88
package/scripts/dev/dev-team-setup.sh +0 -431
package/scripts/e2e-test.sh +0 -119
package/scripts/games/game-protocol.md +0 -79
package/scripts/games/hearts-setup.sh +0 -264
package/scripts/manual-qa.sh +0 -293
package/scripts/run-cloud-qa.sh +0 -220
package/scripts/test-cli-auth/Dockerfile +0 -44
package/scripts/test-cli-auth/Dockerfile.real +0 -79
package/scripts/test-cli-auth/README.md +0 -286
package/scripts/test-cli-auth/ci-test-real-clis.ts +0 -251
package/scripts/test-cli-auth/ci-test-runner.ts +0 -263
package/scripts/test-cli-auth/mock-cli.sh +0 -147
package/scripts/test-cli-auth/package.json +0 -14
package/scripts/test-cli-auth/test-oauth-flow.ts +0 -220
package/scripts/test-pty-input-auto.js +0 -222
package/scripts/test-pty-input.js +0 -150
package/scripts/tictactoe-setup.sh +0 -181
/package/dist/dashboard/out/_next/static/{H5aWG0udPB4iOUIl_gytz → T1tgCqVWHFIkV7ClEtzD7}/_buildManifest.js +0 -0
/package/dist/dashboard/out/_next/static/chunks/{117-b100311aff8d5c61.js → 117-f7b8ab0809342e77.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/{648-a13d3c2b1be45466.js → 648-5cc6e1921389a58a.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/_not-found/{page-a4973f3e3c82fb67.js → page-53b8a69f76db17d0.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/connect-repos/{page-dc2e3a1a22478efc.js → page-f45ecbc3e06134fc.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/history/{page-56a8b4616a90dc43.js → page-8c8bed33beb2bf1c.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/login/{page-3eac37ea6f5dd153.js → page-16f3b49e55b1e0ed.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/pricing/{page-4d72d5a5d8a9b618.js → page-982a7000fee44014.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/app/signup/{page-fee4ed1709070bcd.js → page-547dd0ca55ecd0ba.js} +0 -0
/package/dist/dashboard/out/_next/static/chunks/{fd9d1056-bf46c09eb57e019c.js → fd9d1056-609918ca7b6280bb.js} +0 -0

package/dist/cloud/api/repos.js CHANGED Viewed

@@ -2,10 +2,62 @@
  * Repos API Routes
  *
  * GitHub repository management - list, import, sync.
+ * Includes Nango-based GitHub permission checking for dashboard access control.
  */
+import crypto from 'crypto';
 import { Router } from 'express';
 import { requireAuth } from './auth.js';
 import { db } from '../db/index.js';
+import { nangoService } from '../services/nango.js';
+import { getConfig } from '../config.js';
+/**
+ * Generate workspace token for API calls to workspace containers
+ */
+function generateWorkspaceToken(workspaceId) {
+    const config = getConfig();
+    return crypto
+        .createHmac('sha256', config.sessionSecret)
+        .update(`workspace:${workspaceId}`)
+        .digest('hex');
+}
+/**
+ * Call workspace API endpoint
+ */
+async function callWorkspaceApi(publicUrl, workspaceId, method, endpoint, body) {
+    const token = generateWorkspaceToken(workspaceId);
+    const url = `${publicUrl.replace(/\/$/, '')}${endpoint}`;
+    try {
+        const response = await fetch(url, {
+            method,
+            headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${token}`,
+            },
+            body: body ? JSON.stringify(body) : undefined,
+        });
+        const data = await response.json().catch((parseError) => {
+            console.error('Failed to parse JSON from workspace response', {
+                url,
+                status: response.status,
+                error: parseError instanceof Error ? parseError.message : parseError,
+            });
+            return null;
+        });
+        return {
+            ok: response.ok,
+            status: response.status,
+            data,
+            error: response.ok ? undefined : (data?.error || `HTTP ${response.status}`),
+        };
+    }
+    catch (err) {
+        return {
+            ok: false,
+            status: 0,
+            error: err instanceof Error ? err.message : 'Network error',
+        };
+    }
+}
 export const reposRouter = Router();
 // All routes require authentication
 reposRouter.use(requireAuth);
@@ -187,6 +239,228 @@ reposRouter.post('/bulk', async (req, res) => {
         results,
     });
 });
+/**
+ * GET /api/repos/accessible
+ * List all GitHub repositories the authenticated user has access to.
+ * Uses Nango proxy with user's GitHub OAuth token.
+ */
+reposRouter.get('/accessible', async (req, res) => {
+    const userId = req.session.userId;
+    const { page, perPage, type, sort } = req.query;
+    try {
+        // Get user's Nango connection ID
+        const user = await db.users.findById(userId);
+        if (!user) {
+            return res.status(404).json({ error: 'User not found' });
+        }
+        if (!user.nangoConnectionId) {
+            return res.status(400).json({
+                error: 'GitHub not connected via Nango',
+                code: 'NANGO_NOT_CONNECTED',
+                message: 'Please reconnect your GitHub account',
+            });
+        }
+        // List accessible repos via Nango proxy
+        const result = await nangoService.listUserAccessibleRepos(user.nangoConnectionId, {
+            page: page ? parseInt(page, 10) : undefined,
+            perPage: perPage ? Math.min(parseInt(perPage, 10), 100) : undefined,
+            type: type,
+            sort: sort,
+        });
+        res.json({
+            repositories: result.repositories,
+            pagination: {
+                page: page ? parseInt(page, 10) : 1,
+                perPage: perPage ? Math.min(parseInt(perPage, 10), 100) : 100,
+                hasMore: result.hasMore,
+            },
+            checkedBy: {
+                userId: user.id,
+                githubUsername: user.githubUsername,
+            },
+        });
+    }
+    catch (error) {
+        console.error('Error listing accessible repos:', error);
+        res.status(500).json({ error: 'Failed to list accessible repositories' });
+    }
+});
+/**
+ * GET /api/repos/search
+ * Search GitHub repos by name
+ */
+reposRouter.get('/search', async (req, res) => {
+    const githubToken = req.session.githubToken;
+    const { q } = req.query;
+    if (!q || typeof q !== 'string') {
+        return res.status(400).json({ error: 'Search query (q) is required' });
+    }
+    if (!githubToken) {
+        return res.status(401).json({ error: 'GitHub not connected' });
+    }
+    try {
+        // Search user's repos
+        const response = await fetch(`https://api.github.com/search/repositories?q=${encodeURIComponent(q)}+user:@me&sort=updated&per_page=20`, {
+            headers: {
+                Authorization: `Bearer ${githubToken}`,
+                Accept: 'application/vnd.github.v3+json',
+            },
+        });
+        if (!response.ok) {
+            throw new Error('GitHub search failed');
+        }
+        const data = await response.json();
+        res.json({
+            repositories: data.items.map((r) => ({
+                githubId: r.id,
+                fullName: r.full_name,
+                name: r.name,
+                owner: r.owner.login,
+                description: r.description,
+                defaultBranch: r.default_branch,
+                isPrivate: r.private,
+                language: r.language,
+            })),
+            total: data.total_count,
+        });
+    }
+    catch (error) {
+        console.error('Error searching repos:', error);
+        res.status(500).json({ error: 'Failed to search repositories' });
+    }
+});
+// ============================================================================
+// Nango-based GitHub Permission APIs (for dashboard access control)
+// ============================================================================
+/**
+ * GET /api/repos/check-access/:owner/:repo
+ * Check if authenticated user has access to a specific GitHub repository.
+ * Uses Nango proxy with user's GitHub OAuth token.
+ *
+ * Response:
+ * - hasAccess: boolean - Whether user can access this repo
+ * - permission: 'admin' | 'write' | 'read' | 'none' - User's permission level
+ * - repository: Repository details if user has access
+ *
+ * Use this for dashboard access control - grant access if hasAccess is true.
+ */
+reposRouter.get('/check-access/:owner/:repo', async (req, res) => {
+    const userId = req.session.userId;
+    const { owner, repo } = req.params;
+    if (!owner || !repo) {
+        return res.status(400).json({ error: 'Owner and repo parameters are required' });
+    }
+    try {
+        // Get user's Nango connection ID
+        const user = await db.users.findById(userId);
+        if (!user) {
+            return res.status(404).json({ error: 'User not found' });
+        }
+        if (!user.nangoConnectionId) {
+            return res.status(400).json({
+                error: 'GitHub not connected via Nango',
+                code: 'NANGO_NOT_CONNECTED',
+                message: 'Please reconnect your GitHub account',
+            });
+        }
+        // Check access via Nango proxy
+        const accessResult = await nangoService.checkUserRepoAccess(user.nangoConnectionId, owner, repo);
+        res.json({
+            hasAccess: accessResult.hasAccess,
+            permission: accessResult.permission,
+            repository: accessResult.repository,
+            // Include user info for dashboard context
+            checkedBy: {
+                userId: user.id,
+                githubUsername: user.githubUsername,
+            },
+        });
+    }
+    catch (error) {
+        console.error('Error checking repo access:', error);
+        res.status(500).json({ error: 'Failed to check repository access' });
+    }
+});
+/**
+ * POST /api/repos/check-access-bulk
+ * Check access to multiple repositories at once.
+ * Useful for determining which workspaces a user can view.
+ *
+ * Body:
+ * - repositories: Array of "owner/repo" strings
+ *
+ * Response:
+ * - results: Array of { fullName, hasAccess, permission }
+ */
+reposRouter.post('/check-access-bulk', async (req, res) => {
+    const userId = req.session.userId;
+    const { repositories } = req.body;
+    if (!repositories || !Array.isArray(repositories)) {
+        return res.status(400).json({ error: 'repositories array is required' });
+    }
+    if (repositories.length > 50) {
+        return res.status(400).json({ error: 'Maximum 50 repositories per request' });
+    }
+    try {
+        // Get user's Nango connection ID
+        const user = await db.users.findById(userId);
+        if (!user) {
+            return res.status(404).json({ error: 'User not found' });
+        }
+        if (!user.nangoConnectionId) {
+            return res.status(400).json({
+                error: 'GitHub not connected via Nango',
+                code: 'NANGO_NOT_CONNECTED',
+                message: 'Please reconnect your GitHub account',
+            });
+        }
+        // Check access for each repo (in parallel with concurrency limit)
+        const results = [];
+        // Process in batches of 10 to avoid rate limiting
+        const batchSize = 10;
+        for (let i = 0; i < repositories.length; i += batchSize) {
+            const batch = repositories.slice(i, i + batchSize);
+            const batchResults = await Promise.all(batch.map(async (fullName) => {
+                try {
+                    const [owner, repo] = fullName.split('/');
+                    if (!owner || !repo) {
+                        return { fullName, hasAccess: false, error: 'Invalid repository format' };
+                    }
+                    const accessResult = await nangoService.checkUserRepoAccess(user.nangoConnectionId, owner, repo);
+                    return {
+                        fullName,
+                        hasAccess: accessResult.hasAccess,
+                        permission: accessResult.permission,
+                    };
+                }
+                catch (_err) {
+                    return { fullName, hasAccess: false, error: 'Check failed' };
+                }
+            }));
+            results.push(...batchResults);
+        }
+        const accessibleCount = results.filter(r => r.hasAccess).length;
+        res.json({
+            results,
+            summary: {
+                total: repositories.length,
+                accessible: accessibleCount,
+                denied: repositories.length - accessibleCount,
+            },
+            checkedBy: {
+                userId: user.id,
+                githubUsername: user.githubUsername,
+            },
+        });
+    }
+    catch (error) {
+        console.error('Error checking bulk repo access:', error);
+        res.status(500).json({ error: 'Failed to check repository access' });
+    }
+});
+// ============================================================================
+// WILDCARD ROUTES BELOW - All specific routes must be defined ABOVE this line
+// ============================================================================
 /**
  * GET /api/repos/:id
  * Get repository details
@@ -219,6 +493,9 @@ reposRouter.get('/:id', async (req, res) => {
 /**
  * POST /api/repos/:id/sync
  * Trigger repository sync (clone/pull to workspace)
+ *
+ * Calls the workspace's /repos/sync API endpoint to clone or update the repo.
+ * This enables dynamic repo management without workspace restart.
  */
 reposRouter.post('/:id/sync', async (req, res) => {
     const userId = req.session.userId;
@@ -232,14 +509,43 @@ reposRouter.post('/:id/sync', async (req, res) => {
         if (!repo.workspaceId) {
             return res.status(400).json({ error: 'Repository not assigned to a workspace' });
         }
+        // Get the workspace to find its public URL
+        const workspace = await db.workspaces.findById(repo.workspaceId);
+        if (!workspace) {
+            return res.status(404).json({ error: 'Workspace not found' });
+        }
+        if (workspace.status !== 'running') {
+            return res.status(400).json({
+                error: 'Workspace is not running',
+                workspaceStatus: workspace.status,
+            });
+        }
+        if (!workspace.publicUrl) {
+            return res.status(400).json({ error: 'Workspace has no public URL' });
+        }
         // Update sync status
         await db.repositories.updateSyncStatus(id, 'syncing');
-        // In production, this would trigger the workspace to pull the repo
-        // For now, simulate success after a short delay
-        setTimeout(async () => {
+        // Call the workspace's repo sync API
+        const result = await callWorkspaceApi(workspace.publicUrl, workspace.id, 'POST', '/repos/sync', { repo: repo.githubFullName });
+        if (result.ok) {
+            // Update sync status to synced
             await db.repositories.updateSyncStatus(id, 'synced', new Date());
-        }, 2000);
-        res.json({ message: 'Sync started', syncStatus: 'syncing' });
+            res.json({
+                message: 'Repository synced successfully',
+                syncStatus: 'synced',
+                result: result.data,
+            });
+        }
+        else {
+            // Update sync status to error
+            await db.repositories.updateSyncStatus(id, 'error');
+            console.error('Workspace sync failed:', result.error);
+            res.status(502).json({
+                error: 'Failed to sync repository to workspace',
+                details: result.error,
+                syncStatus: 'error',
+            });
+        }
     }
     catch (error) {
         console.error('Error syncing repo:', error);
@@ -267,48 +573,4 @@ reposRouter.delete('/:id', async (req, res) => {
         res.status(500).json({ error: 'Failed to delete repository' });
     }
 });
-/**
- * GET /api/repos/search
- * Search GitHub repos by name
- */
-reposRouter.get('/search', async (req, res) => {
-    const githubToken = req.session.githubToken;
-    const { q } = req.query;
-    if (!q || typeof q !== 'string') {
-        return res.status(400).json({ error: 'Search query (q) is required' });
-    }
-    if (!githubToken) {
-        return res.status(401).json({ error: 'GitHub not connected' });
-    }
-    try {
-        // Search user's repos
-        const response = await fetch(`https://api.github.com/search/repositories?q=${encodeURIComponent(q)}+user:@me&sort=updated&per_page=20`, {
-            headers: {
-                Authorization: `Bearer ${githubToken}`,
-                Accept: 'application/vnd.github.v3+json',
-            },
-        });
-        if (!response.ok) {
-            throw new Error('GitHub search failed');
-        }
-        const data = await response.json();
-        res.json({
-            repositories: data.items.map((r) => ({
-                githubId: r.id,
-                fullName: r.full_name,
-                name: r.name,
-                owner: r.owner.login,
-                description: r.description,
-                defaultBranch: r.default_branch,
-                isPrivate: r.private,
-                language: r.language,
-            })),
-            total: data.total_count,
-        });
-    }
-    catch (error) {
-        console.error('Error searching repos:', error);
-        res.status(500).json({ error: 'Failed to search repositories' });
-    }
-});
 //# sourceMappingURL=repos.js.map

package/dist/cloud/api/test-helpers.js CHANGED Viewed

@@ -227,6 +227,46 @@ testHelpersRouter.post('/create-mock-repo', async (req, res) => {
         res.status(500).json({ error: 'Failed to create mock repo' });
     }
 });
+/**
+ * GET /api/test/auto-login
+ * Browser-friendly auto-login - visit this URL to login and redirect
+ * Usage: /api/test/auto-login?redirect=/providers/setup/claude?workspace=xxx
+ */
+testHelpersRouter.get('/auto-login', async (req, res) => {
+    if (!isTestMode) {
+        return res.status(403).json({ error: 'Test endpoints disabled in production' });
+    }
+    try {
+        const db = getDb();
+        const redirect = req.query.redirect || '/app';
+        // Find or create test user
+        let user;
+        const existingUsers = await db.select().from(users).limit(1);
+        if (existingUsers.length > 0) {
+            user = existingUsers[0];
+        }
+        else {
+            const testId = `test-${randomUUID()}`;
+            const [newUser] = await db.insert(users).values({
+                email: `${testId}@test.local`,
+                githubId: testId,
+                githubUsername: 'test-user',
+                avatarUrl: null,
+                plan: 'free',
+            }).returning();
+            user = newUser;
+        }
+        // Set session and CSRF token
+        req.session.userId = user.id;
+        req.session.csrfToken = randomUUID();
+        // Redirect to requested page
+        res.redirect(redirect);
+    }
+    catch (error) {
+        console.error('Error in auto-login:', error);
+        res.status(500).json({ error: 'Failed to auto-login' });
+    }
+});
 /**
  * POST /api/test/login-as
  * Quick login for testing - creates session for existing or new test user

package/dist/cloud/api/usage.js CHANGED Viewed

@@ -6,6 +6,7 @@
 import { Router } from 'express';
 import { requireAuth } from './auth.js';
 import { getRemainingQuota, getUserUsage, getPlanLimits } from '../services/planLimits.js';
+import { getIntroStatus } from '../services/intro-expiration.js';
 import { db } from '../db/index.js';
 export const usageRouter = Router();
 // All routes require authentication
@@ -23,6 +24,8 @@ usageRouter.get('/', async (req, res) => {
         }
         const plan = user.plan || 'free';
         const quota = await getRemainingQuota(userId);
+        // Get intro period status for free tier users
+        const introStatus = getIntroStatus(user.createdAt, plan);
         const calcPercent = (current, limit) => limit === Infinity ? 0 : Math.round((current / limit) * 100);
         res.json({
             plan,
@@ -51,6 +54,16 @@ usageRouter.get('/', async (req, res) => {
                 concurrentAgents: calcPercent(quota.usage.concurrentAgents, quota.limits.maxConcurrentAgents),
                 computeHours: calcPercent(quota.usage.computeHoursThisMonth, quota.limits.maxComputeHoursPerMonth),
             },
+            // Intro period bonus for free tier users (2 CPU / 4GB for first 14 days)
+            introBonus: {
+                isActive: introStatus.isIntroPeriod,
+                daysRemaining: introStatus.daysRemaining,
+                totalDays: introStatus.introPeriodDays,
+                expiresAt: introStatus.expiresAt?.toISOString() || null,
+                resources: introStatus.isIntroPeriod
+                    ? { cpus: 2, memoryGb: 4, description: 'Pro-level resources' }
+                    : { cpus: 1, memoryGb: 2, description: 'Standard free tier' },
+            },
         });
     }
     catch (error) {

package/dist/cloud/api/webhooks.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@
  * Webhook API Routes
  *
  * Handles GitHub App webhooks for installation events.
+ * Also provides workspace webhook forwarding for external integrations.
  */
 export declare const webhooksRouter: import("express-serve-static-core").Router;
 //# sourceMappingURL=webhooks.d.ts.map

package/dist/cloud/api/webhooks.js CHANGED Viewed

@@ -2,12 +2,161 @@
  * Webhook API Routes
  *
  * Handles GitHub App webhooks for installation events.
+ * Also provides workspace webhook forwarding for external integrations.
  */
 import { Router } from 'express';
 import crypto from 'crypto';
 import { getConfig } from '../config.js';
 import { db } from '../db/index.js';
 export const webhooksRouter = Router();
+// ============================================================================
+// Workspace Webhook Forwarding
+// ============================================================================
+/**
+ * Convert workspace public URL to internal Fly.io URL
+ */
+function getWorkspaceInternalUrl(publicUrl) {
+    const isOnFly = !!process.env.FLY_APP_NAME;
+    let url = publicUrl.replace(/\/$/, '');
+    if (isOnFly && url.includes('.fly.dev')) {
+        // Use Fly.io internal networking
+        // ar-583f273b.fly.dev -> http://ar-583f273b.internal:3888
+        // .internal uses IPv6 and works by default for apps in the same org
+        const appName = url.match(/https?:\/\/([^.]+)\.fly\.dev/)?.[1];
+        if (appName) {
+            url = `http://${appName}.internal:3888`;
+        }
+    }
+    return url;
+}
+/**
+ * Wake a suspended Fly.io workspace machine
+ */
+async function wakeWorkspaceMachine(workspaceId) {
+    const workspace = await db.workspaces.findById(workspaceId);
+    if (!workspace?.computeId)
+        return false;
+    const appName = `ar-${workspaceId.substring(0, 8)}`;
+    const apiToken = process.env.FLY_API_TOKEN;
+    if (!apiToken) {
+        console.warn('[webhooks] FLY_API_TOKEN not set, cannot wake machine');
+        return false;
+    }
+    try {
+        const response = await fetch(`https://api.machines.dev/v1/apps/${appName}/machines/${workspace.computeId}/start`, {
+            method: 'POST',
+            headers: { Authorization: `Bearer ${apiToken}` },
+        });
+        if (response.ok) {
+            console.log(`[webhooks] Started workspace machine ${workspace.computeId}`);
+            // Wait a bit for machine to start
+            await new Promise(resolve => setTimeout(resolve, 5000));
+            return true;
+        }
+        // 200 OK means already running
+        if (response.status === 200) {
+            return true;
+        }
+        console.warn(`[webhooks] Failed to start machine: ${response.status}`);
+        return false;
+    }
+    catch (error) {
+        console.error('[webhooks] Error waking machine:', error);
+        return false;
+    }
+}
+/**
+ * POST /api/webhooks/workspace/:workspaceId/*
+ * Forward webhooks to a specific workspace
+ *
+ * External services can send webhooks to:
+ *   https://agent-relay.com/api/webhooks/workspace/{workspaceId}/your/path
+ *
+ * This will be forwarded to:
+ *   http://{workspace-internal}/webhooks/your/path
+ */
+// Handler for workspace webhook forwarding - matches any path under /workspace/:workspaceId
+async function _handleWorkspaceWebhook(req, res) {
+    // Extract workspaceId from URL path
+    const pathMatch = req.originalUrl.match(/\/workspace\/([^/]+)\/?(.*)$/);
+    if (!pathMatch) {
+        res.status(400).json({ error: 'Invalid workspace webhook URL' });
+        return;
+    }
+    const workspaceId = pathMatch[1];
+    const forwardPath = pathMatch[2] || '';
+    console.log(`[webhooks] Forwarding to workspace ${workspaceId}: ${req.method} /${forwardPath}`);
+    try {
+        // Find the workspace
+        const workspace = await db.workspaces.findById(workspaceId);
+        if (!workspace) {
+            res.status(404).json({ error: 'Workspace not found' });
+            return;
+        }
+        if (!workspace.publicUrl) {
+            res.status(400).json({ error: 'Workspace has no public URL' });
+            return;
+        }
+        // Try to wake the machine if it might be suspended
+        if (workspace.status === 'running' || workspace.status === 'suspended') {
+            await wakeWorkspaceMachine(workspaceId);
+        }
+        // Get internal URL for server-to-server communication
+        const internalUrl = getWorkspaceInternalUrl(workspace.publicUrl);
+        const targetUrl = `${internalUrl}/webhooks/${forwardPath}`;
+        console.log(`[webhooks] Forwarding to: ${targetUrl}`);
+        // Forward the request with original headers and body
+        const forwardHeaders = {};
+        // Copy relevant headers
+        const headersToForward = [
+            'content-type',
+            'x-hub-signature-256',
+            'x-hub-signature',
+            'x-github-event',
+            'x-github-delivery',
+            'x-gitlab-token',
+            'x-gitlab-event',
+            'user-agent',
+        ];
+        for (const header of headersToForward) {
+            const value = req.get(header);
+            if (value) {
+                forwardHeaders[header] = value;
+            }
+        }
+        // Add workspace context header
+        forwardHeaders['x-forwarded-for-workspace'] = workspaceId;
+        forwardHeaders['x-original-host'] = req.get('host') || '';
+        // Get raw body if available, otherwise use JSON stringified body
+        const rawBody = req.rawBody || JSON.stringify(req.body);
+        const response = await fetch(targetUrl, {
+            method: req.method,
+            headers: forwardHeaders,
+            body: ['GET', 'HEAD'].includes(req.method) ? undefined : rawBody,
+        });
+        // Forward response back
+        const responseBody = await response.text();
+        res.status(response.status);
+        // Copy response headers
+        response.headers.forEach((value, key) => {
+            if (!['content-encoding', 'transfer-encoding', 'content-length'].includes(key.toLowerCase())) {
+                res.set(key, value);
+            }
+        });
+        res.send(responseBody);
+    }
+    catch (error) {
+        console.error(`[webhooks] Error forwarding to workspace ${workspaceId}:`, error);
+        res.status(502).json({
+            error: 'Failed to forward webhook to workspace',
+            details: error.message,
+        });
+    }
+}
+// TODO: Re-enable workspace webhook forwarding once route pattern issue is resolved
+// The newer path-to-regexp version doesn't support wildcard patterns like /workspace/*
+// See: https://git.new/pathToRegexpError
+// webhooksRouter.all('/workspace/*', handleWorkspaceWebhook);
 // GitHub webhook signature verification
 function verifyGitHubSignature(payload, signature) {
     if (!signature)

package/dist/cloud/api/workspaces.d.ts CHANGED Viewed

@@ -2,6 +2,24 @@
  * Workspaces API Routes
  *
  * One-click workspace provisioning and management.
+ * Includes auto-access based on GitHub repo permissions.
  */
+import { Request, Response, NextFunction } from 'express';
+/**
+ * Check if user has access to a workspace via:
+ * 1. Workspace ownership (userId matches)
+ * 2. Explicit workspace_members record
+ * 3. GitHub repo access (just-in-time check via Nango)
+ */
+export declare function checkWorkspaceAccess(userId: string, workspaceId: string): Promise<{
+    hasAccess: boolean;
+    accessType: 'owner' | 'member' | 'contributor' | 'none';
+    permission?: 'admin' | 'write' | 'read';
+}>;
+/**
+ * Middleware to require workspace access.
+ * Checks ownership, membership, or GitHub repo access.
+ */
+export declare function requireWorkspaceAccess(req: Request, res: Response, next: NextFunction): void;
 export declare const workspacesRouter: import("express-serve-static-core").Router;
 //# sourceMappingURL=workspaces.d.ts.map