npm - botmux - Versions diffs - 2.9.0 → 2.9.2 - Mend

botmux 2.9.0 → 2.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (330) hide show

package/README.en.md +140 -76
package/README.md +134 -75
package/dist/adapters/backend/pty-backend.d.ts +6 -0
package/dist/adapters/backend/pty-backend.d.ts.map +1 -1
package/dist/adapters/backend/pty-backend.js +10 -0
package/dist/adapters/backend/pty-backend.js.map +1 -1
package/dist/adapters/backend/session-backend-selector.d.ts +11 -0
package/dist/adapters/backend/session-backend-selector.d.ts.map +1 -0
package/dist/adapters/backend/session-backend-selector.js +26 -0
package/dist/adapters/backend/session-backend-selector.js.map +1 -0
package/dist/adapters/backend/tmux-backend.d.ts +80 -3
package/dist/adapters/backend/tmux-backend.d.ts.map +1 -1
package/dist/adapters/backend/tmux-backend.js +301 -49
package/dist/adapters/backend/tmux-backend.js.map +1 -1
package/dist/adapters/backend/tmux-pipe-backend.d.ts +100 -0
package/dist/adapters/backend/tmux-pipe-backend.d.ts.map +1 -0
package/dist/adapters/backend/tmux-pipe-backend.js +473 -0
package/dist/adapters/backend/tmux-pipe-backend.js.map +1 -0
package/dist/adapters/cli/aiden.d.ts.map +1 -1
package/dist/adapters/cli/aiden.js +5 -0
package/dist/adapters/cli/aiden.js.map +1 -1
package/dist/adapters/cli/claude-code.d.ts +40 -1
package/dist/adapters/cli/claude-code.d.ts.map +1 -1
package/dist/adapters/cli/claude-code.js +470 -49
package/dist/adapters/cli/claude-code.js.map +1 -1
package/dist/adapters/cli/coco.d.ts.map +1 -1
package/dist/adapters/cli/coco.js +191 -9
package/dist/adapters/cli/coco.js.map +1 -1
package/dist/adapters/cli/codex.d.ts.map +1 -1
package/dist/adapters/cli/codex.js +94 -17
package/dist/adapters/cli/codex.js.map +1 -1
package/dist/adapters/cli/shared-hints.d.ts +2 -2
package/dist/adapters/cli/shared-hints.d.ts.map +1 -1
package/dist/adapters/cli/shared-hints.js +7 -5
package/dist/adapters/cli/shared-hints.js.map +1 -1
package/dist/adapters/cli/types.d.ts +38 -1
package/dist/adapters/cli/types.d.ts.map +1 -1
package/dist/autostart.d.ts +14 -0
package/dist/autostart.d.ts.map +1 -0
package/dist/autostart.js +357 -0
package/dist/autostart.js.map +1 -0
package/dist/bot-registry.d.ts +29 -3
package/dist/bot-registry.d.ts.map +1 -1
package/dist/bot-registry.js +91 -12
package/dist/bot-registry.js.map +1 -1
package/dist/cli/arg-utils.d.ts +11 -0
package/dist/cli/arg-utils.d.ts.map +1 -0
package/dist/cli/arg-utils.js +25 -0
package/dist/cli/arg-utils.js.map +1 -0
package/dist/cli/create-group-resolver.d.ts +32 -0
package/dist/cli/create-group-resolver.d.ts.map +1 -0
package/dist/cli/create-group-resolver.js +70 -0
package/dist/cli/create-group-resolver.js.map +1 -0
package/dist/cli/quoted-render.d.ts +30 -0
package/dist/cli/quoted-render.d.ts.map +1 -0
package/dist/cli/quoted-render.js +29 -0
package/dist/cli/quoted-render.js.map +1 -0
package/dist/cli.js +916 -272
package/dist/cli.js.map +1 -1
package/dist/config.d.ts +6 -0
package/dist/config.d.ts.map +1 -1
package/dist/config.js +18 -8
package/dist/config.js.map +1 -1
package/dist/core/command-handler.d.ts +43 -0
package/dist/core/command-handler.d.ts.map +1 -1
package/dist/core/command-handler.js +167 -64
package/dist/core/command-handler.js.map +1 -1
package/dist/core/dashboard-events.d.ts +57 -0
package/dist/core/dashboard-events.d.ts.map +1 -0
package/dist/core/dashboard-events.js +23 -0
package/dist/core/dashboard-events.js.map +1 -0
package/dist/core/dashboard-ipc-server.d.ts +43 -0
package/dist/core/dashboard-ipc-server.d.ts.map +1 -0
package/dist/core/dashboard-ipc-server.js +481 -0
package/dist/core/dashboard-ipc-server.js.map +1 -0
package/dist/core/dashboard-locate.d.ts +20 -0
package/dist/core/dashboard-locate.d.ts.map +1 -0
package/dist/core/dashboard-locate.js +26 -0
package/dist/core/dashboard-locate.js.map +1 -0
package/dist/core/dashboard-rows.d.ts +31 -0
package/dist/core/dashboard-rows.d.ts.map +1 -0
package/dist/core/dashboard-rows.js +65 -0
package/dist/core/dashboard-rows.js.map +1 -0
package/dist/core/inherit-peer.d.ts +14 -0
package/dist/core/inherit-peer.d.ts.map +1 -0
package/dist/core/inherit-peer.js +32 -0
package/dist/core/inherit-peer.js.map +1 -0
package/dist/core/scheduler.d.ts +24 -0
package/dist/core/scheduler.d.ts.map +1 -1
package/dist/core/scheduler.js +93 -2
package/dist/core/scheduler.js.map +1 -1
package/dist/core/session-activity.d.ts +3 -0
package/dist/core/session-activity.d.ts.map +1 -0
package/dist/core/session-activity.js +20 -0
package/dist/core/session-activity.js.map +1 -0
package/dist/core/session-discovery.d.ts +39 -0
package/dist/core/session-discovery.d.ts.map +1 -1
package/dist/core/session-discovery.js +114 -21
package/dist/core/session-discovery.js.map +1 -1
package/dist/core/session-manager.d.ts +72 -0
package/dist/core/session-manager.d.ts.map +1 -1
package/dist/core/session-manager.js +396 -106
package/dist/core/session-manager.js.map +1 -1
package/dist/core/types.d.ts +27 -2
package/dist/core/types.d.ts.map +1 -1
package/dist/core/types.js +14 -3
package/dist/core/types.js.map +1 -1
package/dist/core/worker-pool.d.ts +72 -3
package/dist/core/worker-pool.d.ts.map +1 -1
package/dist/core/worker-pool.js +459 -38
package/dist/core/worker-pool.js.map +1 -1
package/dist/daemon.d.ts.map +1 -1
package/dist/daemon.js +601 -309
package/dist/daemon.js.map +1 -1
package/dist/dashboard/aggregator.d.ts +41 -0
package/dist/dashboard/aggregator.d.ts.map +1 -0
package/dist/dashboard/aggregator.js +125 -0
package/dist/dashboard/aggregator.js.map +1 -0
package/dist/dashboard/auth.d.ts +23 -0
package/dist/dashboard/auth.d.ts.map +1 -0
package/dist/dashboard/auth.js +66 -0
package/dist/dashboard/auth.js.map +1 -0
package/dist/dashboard/operator-selector.d.ts +20 -0
package/dist/dashboard/operator-selector.d.ts.map +1 -0
package/dist/dashboard/operator-selector.js +39 -0
package/dist/dashboard/operator-selector.js.map +1 -0
package/dist/dashboard/registry.d.ts +35 -0
package/dist/dashboard/registry.d.ts.map +1 -0
package/dist/dashboard/registry.js +74 -0
package/dist/dashboard/registry.js.map +1 -0
package/dist/dashboard/web/app.d.ts +2 -0
package/dist/dashboard/web/app.d.ts.map +1 -0
package/dist/dashboard/web/app.js +45 -0
package/dist/dashboard/web/app.js.map +1 -0
package/dist/dashboard/web/bot-defaults.d.ts +2 -0
package/dist/dashboard/web/bot-defaults.d.ts.map +1 -0
package/dist/dashboard/web/bot-defaults.js +201 -0
package/dist/dashboard/web/bot-defaults.js.map +1 -0
package/dist/dashboard/web/groups.d.ts +16 -0
package/dist/dashboard/web/groups.d.ts.map +1 -0
package/dist/dashboard/web/groups.js +584 -0
package/dist/dashboard/web/groups.js.map +1 -0
package/dist/dashboard/web/schedules.d.ts +2 -0
package/dist/dashboard/web/schedules.d.ts.map +1 -0
package/dist/dashboard/web/schedules.js +105 -0
package/dist/dashboard/web/schedules.js.map +1 -0
package/dist/dashboard/web/sessions.d.ts +2 -0
package/dist/dashboard/web/sessions.d.ts.map +1 -0
package/dist/dashboard/web/sessions.js +374 -0
package/dist/dashboard/web/sessions.js.map +1 -0
package/dist/dashboard/web/store.d.ts +23 -0
package/dist/dashboard/web/store.d.ts.map +1 -0
package/dist/dashboard/web/store.js +82 -0
package/dist/dashboard/web/store.js.map +1 -0
package/dist/dashboard-web/app.js +263 -0
package/dist/dashboard-web/index.html +23 -0
package/dist/dashboard-web/style.css +93 -0
package/dist/dashboard.d.ts +2 -0
package/dist/dashboard.d.ts.map +1 -0
package/dist/dashboard.js +639 -0
package/dist/dashboard.js.map +1 -0
package/dist/im/lark/card-builder.d.ts +18 -1
package/dist/im/lark/card-builder.d.ts.map +1 -1
package/dist/im/lark/card-builder.js +70 -9
package/dist/im/lark/card-builder.js.map +1 -1
package/dist/im/lark/card-handler.d.ts.map +1 -1
package/dist/im/lark/card-handler.js +123 -109
package/dist/im/lark/card-handler.js.map +1 -1
package/dist/im/lark/client.d.ts +36 -0
package/dist/im/lark/client.d.ts.map +1 -1
package/dist/im/lark/client.js +119 -13
package/dist/im/lark/client.js.map +1 -1
package/dist/im/lark/event-dispatcher.d.ts +92 -8
package/dist/im/lark/event-dispatcher.d.ts.map +1 -1
package/dist/im/lark/event-dispatcher.js +410 -89
package/dist/im/lark/event-dispatcher.js.map +1 -1
package/dist/im/lark/forwarded-renderer.d.ts +23 -0
package/dist/im/lark/forwarded-renderer.d.ts.map +1 -0
package/dist/im/lark/forwarded-renderer.js +105 -0
package/dist/im/lark/forwarded-renderer.js.map +1 -0
package/dist/im/lark/md-card.d.ts +73 -0
package/dist/im/lark/md-card.d.ts.map +1 -0
package/dist/im/lark/md-card.js +332 -0
package/dist/im/lark/md-card.js.map +1 -0
package/dist/im/lark/merge-forward.d.ts +32 -0
package/dist/im/lark/merge-forward.d.ts.map +1 -0
package/dist/im/lark/merge-forward.js +110 -0
package/dist/im/lark/merge-forward.js.map +1 -0
package/dist/im/lark/message-parser.d.ts +9 -3
package/dist/im/lark/message-parser.d.ts.map +1 -1
package/dist/im/lark/message-parser.js +48 -13
package/dist/im/lark/message-parser.js.map +1 -1
package/dist/im/lark/quote-hint.d.ts +18 -0
package/dist/im/lark/quote-hint.d.ts.map +1 -0
package/dist/im/lark/quote-hint.js +23 -0
package/dist/im/lark/quote-hint.js.map +1 -0
package/dist/services/bridge-fallback-gate.d.ts +42 -0
package/dist/services/bridge-fallback-gate.d.ts.map +1 -0
package/dist/services/bridge-fallback-gate.js +12 -0
package/dist/services/bridge-fallback-gate.js.map +1 -0
package/dist/services/bridge-rotation-policy.d.ts +139 -0
package/dist/services/bridge-rotation-policy.d.ts.map +1 -0
package/dist/services/bridge-rotation-policy.js +125 -0
package/dist/services/bridge-rotation-policy.js.map +1 -0
package/dist/services/bridge-turn-queue.d.ts +154 -0
package/dist/services/bridge-turn-queue.d.ts.map +1 -0
package/dist/services/bridge-turn-queue.js +316 -0
package/dist/services/bridge-turn-queue.js.map +1 -0
package/dist/services/chat-first-seen-store.d.ts +27 -0
package/dist/services/chat-first-seen-store.d.ts.map +1 -0
package/dist/services/chat-first-seen-store.js +114 -0
package/dist/services/chat-first-seen-store.js.map +1 -0
package/dist/services/claude-transcript.d.ts +268 -0
package/dist/services/claude-transcript.d.ts.map +1 -0
package/dist/services/claude-transcript.js +798 -0
package/dist/services/claude-transcript.js.map +1 -0
package/dist/services/coco-transcript.d.ts +35 -0
package/dist/services/coco-transcript.d.ts.map +1 -0
package/dist/services/coco-transcript.js +192 -0
package/dist/services/coco-transcript.js.map +1 -0
package/dist/services/codex-bridge-queue.d.ts +56 -0
package/dist/services/codex-bridge-queue.d.ts.map +1 -0
package/dist/services/codex-bridge-queue.js +150 -0
package/dist/services/codex-bridge-queue.js.map +1 -0
package/dist/services/codex-transcript.d.ts +84 -0
package/dist/services/codex-transcript.d.ts.map +1 -0
package/dist/services/codex-transcript.js +298 -0
package/dist/services/codex-transcript.js.map +1 -0
package/dist/services/group-creator.d.ts +23 -0
package/dist/services/group-creator.d.ts.map +1 -0
package/dist/services/group-creator.js +75 -0
package/dist/services/group-creator.js.map +1 -0
package/dist/services/groups-store.d.ts +98 -0
package/dist/services/groups-store.d.ts.map +1 -0
package/dist/services/groups-store.js +213 -0
package/dist/services/groups-store.js.map +1 -0
package/dist/services/oncall-store.d.ts +80 -8
package/dist/services/oncall-store.d.ts.map +1 -1
package/dist/services/oncall-store.js +265 -55
package/dist/services/oncall-store.js.map +1 -1
package/dist/services/project-scanner.d.ts +1 -2
package/dist/services/project-scanner.d.ts.map +1 -1
package/dist/services/project-scanner.js +118 -68
package/dist/services/project-scanner.js.map +1 -1
package/dist/services/schedule-store.d.ts +5 -0
package/dist/services/schedule-store.d.ts.map +1 -1
package/dist/services/schedule-store.js +77 -1
package/dist/services/schedule-store.js.map +1 -1
package/dist/services/session-store.d.ts +22 -0
package/dist/services/session-store.d.ts.map +1 -1
package/dist/services/session-store.js +62 -4
package/dist/services/session-store.js.map +1 -1
package/dist/setup/bots-store.d.ts +3 -0
package/dist/setup/bots-store.d.ts.map +1 -0
package/dist/setup/bots-store.js +24 -0
package/dist/setup/bots-store.js.map +1 -0
package/dist/setup/detect-platform.d.ts +14 -0
package/dist/setup/detect-platform.d.ts.map +1 -0
package/dist/setup/detect-platform.js +139 -0
package/dist/setup/detect-platform.js.map +1 -0
package/dist/setup/ensure-fonts.d.ts +13 -0
package/dist/setup/ensure-fonts.d.ts.map +1 -0
package/dist/setup/ensure-fonts.js +225 -0
package/dist/setup/ensure-fonts.js.map +1 -0
package/dist/setup/ensure-tmux.d.ts +60 -0
package/dist/setup/ensure-tmux.d.ts.map +1 -0
package/dist/setup/ensure-tmux.js +236 -0
package/dist/setup/ensure-tmux.js.map +1 -0
package/dist/setup/index.d.ts +9 -0
package/dist/setup/index.d.ts.map +1 -0
package/dist/setup/index.js +46 -0
package/dist/setup/index.js.map +1 -0
package/dist/setup/lark-scopes.json +301 -0
package/dist/setup/register-app.d.ts +52 -0
package/dist/setup/register-app.d.ts.map +1 -0
package/dist/setup/register-app.js +91 -0
package/dist/setup/register-app.js.map +1 -0
package/dist/setup/verify-permissions.d.ts +115 -0
package/dist/setup/verify-permissions.d.ts.map +1 -0
package/dist/setup/verify-permissions.js +207 -0
package/dist/setup/verify-permissions.js.map +1 -0
package/dist/skills/definitions.d.ts +4 -0
package/dist/skills/definitions.d.ts.map +1 -1
package/dist/skills/definitions.js +133 -19
package/dist/skills/definitions.js.map +1 -1
package/dist/skills/installer.d.ts +3 -1
package/dist/skills/installer.d.ts.map +1 -1
package/dist/skills/installer.js +18 -3
package/dist/skills/installer.js.map +1 -1
package/dist/types.d.ts +44 -0
package/dist/types.d.ts.map +1 -1
package/dist/utils/bot-routing.d.ts +6 -0
package/dist/utils/bot-routing.d.ts.map +1 -0
package/dist/utils/bot-routing.js +50 -0
package/dist/utils/bot-routing.js.map +1 -0
package/dist/utils/file-lock.d.ts +2 -0
package/dist/utils/file-lock.d.ts.map +1 -0
package/dist/utils/file-lock.js +114 -0
package/dist/utils/file-lock.js.map +1 -0
package/dist/utils/font-installer.js +1 -1
package/dist/utils/font-installer.js.map +1 -1
package/dist/utils/idle-detector.d.ts +6 -0
package/dist/utils/idle-detector.d.ts.map +1 -1
package/dist/utils/idle-detector.js +25 -4
package/dist/utils/idle-detector.js.map +1 -1
package/dist/utils/logger.d.ts +10 -0
package/dist/utils/logger.d.ts.map +1 -1
package/dist/utils/logger.js +60 -8
package/dist/utils/logger.js.map +1 -1
package/dist/utils/render-dimensions.d.ts +48 -0
package/dist/utils/render-dimensions.d.ts.map +1 -0
package/dist/utils/render-dimensions.js +55 -0
package/dist/utils/render-dimensions.js.map +1 -0
package/dist/utils/screen-analyzer.d.ts.map +1 -1
package/dist/utils/screen-analyzer.js +24 -0
package/dist/utils/screen-analyzer.js.map +1 -1
package/dist/utils/screenshot-renderer.d.ts.map +1 -1
package/dist/utils/screenshot-renderer.js +67 -23
package/dist/utils/screenshot-renderer.js.map +1 -1
package/dist/utils/terminal-renderer.d.ts +16 -0
package/dist/utils/terminal-renderer.d.ts.map +1 -1
package/dist/utils/terminal-renderer.js +40 -23
package/dist/utils/terminal-renderer.js.map +1 -1
package/dist/utils/transient-snapshot.d.ts +28 -0
package/dist/utils/transient-snapshot.d.ts.map +1 -0
package/dist/utils/transient-snapshot.js +96 -0
package/dist/utils/transient-snapshot.js.map +1 -0
package/dist/worker.js +2220 -83
package/dist/worker.js.map +1 -1
package/package.json +12 -5

package/dist/dashboard.js ADDED Viewed

@@ -0,0 +1,639 @@
+// src/dashboard.ts
+import { createServer } from 'node:http';
+import { readFileSync, writeFileSync, existsSync, chmodSync, mkdirSync, statSync, } from 'node:fs';
+import { join, dirname, extname } from 'node:path';
+import { homedir } from 'node:os';
+import { randomBytes } from 'node:crypto';
+import { logger } from './utils/logger.js';
+import { config } from './config.js';
+import { generateToken, parseCookie, buildSetCookie, verifyHmac, } from './dashboard/auth.js';
+import { DaemonRegistry } from './dashboard/registry.js';
+import { Aggregator, subscribeDaemon } from './dashboard/aggregator.js';
+import { pickCreatorForGroup } from './dashboard/operator-selector.js';
+const SECRET_PATH = join(homedir(), '.botmux', '.dashboard-secret');
+const REGISTRY_DIR = join(homedir(), '.botmux', 'data', 'dashboard-daemons');
+let activeToken = null;
+function loadOrCreateSecret() {
+    if (existsSync(SECRET_PATH))
+        return readFileSync(SECRET_PATH, 'utf8').trim();
+    const s = randomBytes(32).toString('base64url');
+    mkdirSync(dirname(SECRET_PATH), { recursive: true });
+    writeFileSync(SECRET_PATH, s, { mode: 0o600 });
+    chmodSync(SECRET_PATH, 0o600);
+    logger.info(`[dashboard] Generated dashboard secret at ${SECRET_PATH}`);
+    return s;
+}
+const SECRET = loadOrCreateSecret();
+mkdirSync(REGISTRY_DIR, { recursive: true });
+const registry = new DaemonRegistry(REGISTRY_DIR);
+const aggregator = new Aggregator();
+const subs = new Map();
+const attaching = new Set(); // dedup concurrent attaches per appId
+/**
+ * Attach to one daemon: hydrate its sessions/schedules into the aggregator,
+ * THEN open the SSE subscription. Order matters — hydrating after subscribe
+ * would let snapshot data clobber events that arrived between subscribe and
+ * the snapshot fetch.
+ *
+ * Idempotent: a second call for the same daemon while one is in flight is a
+ * no-op; a call after attach finished re-hydrates (useful when a daemon
+ * restarts and we want to refresh its slice of the cache).
+ */
+async function attachDaemon(d) {
+    if (attaching.has(d.larkAppId))
+        return;
+    attaching.add(d.larkAppId);
+    try {
+        // 1. Hydrate snapshot (blocking — completes before we wire SSE)
+        try {
+            const [sRes, schRes] = await Promise.all([
+                fetch(`http://127.0.0.1:${d.ipcPort}/api/sessions`),
+                fetch(`http://127.0.0.1:${d.ipcPort}/api/schedules`),
+            ]);
+            const s = await sRes.json();
+            const sch = await schRes.json();
+            aggregator.hydrateSessions(d.larkAppId, s.sessions ?? []);
+            aggregator.hydrateSchedules(sch.schedules ?? []);
+        }
+        catch (e) {
+            logger.warn(`[dashboard] hydrate ${d.larkAppId}: ${e.message ?? e}`);
+        }
+        // 2. Open SSE subscription if not already (idempotent)
+        if (!subs.has(d.larkAppId)) {
+            subs.set(d.larkAppId, subscribeDaemon(d, aggregator, e => logger.warn(`[aggregator] ${d.larkAppId}: ${e.message}`)));
+        }
+    }
+    finally {
+        attaching.delete(d.larkAppId);
+    }
+}
+function syncSubscriptions() {
+    const online = new Set(registry.list().map(d => d.larkAppId));
+    // Attach (hydrate + subscribe) any newly-online daemon. Fire-and-forget
+    // because the registry callback is sync and the attach is per-daemon
+    // independent.
+    for (const d of registry.list()) {
+        if (!subs.has(d.larkAppId)) {
+            void attachDaemon(d);
+        }
+    }
+    // Close subscriptions for daemons that went offline. Cache entries are
+    // intentionally retained — the user may still want to see the last-known
+    // state of those sessions/schedules in the dashboard.
+    for (const [id, off] of subs) {
+        if (!online.has(id)) {
+            off();
+            subs.delete(id);
+        }
+    }
+}
+await registry.start();
+registry.on(syncSubscriptions);
+// Initial attach for every daemon already known. Run in parallel so a slow
+// daemon doesn't block the others.
+await Promise.all(registry.list().map(attachDaemon));
+// ─── Static frontend ─────────────────────────────────────────────────────────
+// Path to the bundled frontend (sibling of dist/dashboard.js)
+const __dirname = dirname(new URL(import.meta.url).pathname);
+const WEB_DIR = join(__dirname, 'dashboard-web');
+const MIME = {
+    '.html': 'text/html; charset=utf-8',
+    '.js': 'application/javascript',
+    '.css': 'text/css',
+    '.svg': 'image/svg+xml',
+    '.woff2': 'font/woff2',
+};
+function serveStatic(_req, res, pathname) {
+    const rel = pathname === '/' ? 'index.html' : pathname.replace(/^\/+/, '');
+    const fp = join(WEB_DIR, rel);
+    // Path-traversal guard: resolved path must stay inside WEB_DIR
+    if (!fp.startsWith(WEB_DIR + '/') && fp !== join(WEB_DIR, 'index.html'))
+        return false;
+    try {
+        const st = statSync(fp);
+        if (!st.isFile())
+            return false;
+        res.writeHead(200, { 'content-type': MIME[extname(fp)] ?? 'application/octet-stream' });
+        res.end(readFileSync(fp));
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+// ─── HTTP routing ────────────────────────────────────────────────────────────
+function authedToken(req, url) {
+    const q = url.searchParams.get('t');
+    if (q && q === activeToken)
+        return q;
+    return parseCookie(req.headers.cookie);
+}
+function jsonRes(res, status, body) {
+    res.writeHead(status, { 'content-type': 'application/json' });
+    res.end(JSON.stringify(body));
+}
+async function proxyToDaemon(larkAppId, daemonPath, init) {
+    const d = registry.getByAppId(larkAppId);
+    if (!d) {
+        return new Response(JSON.stringify({ ok: false, error: 'daemon_offline' }), {
+            status: 503,
+            headers: { 'content-type': 'application/json' },
+        });
+    }
+    return fetch(`http://127.0.0.1:${d.ipcPort}${daemonPath}`, init);
+}
+/**
+ * Close every active session matching `pred` by routing to its owning daemon.
+ * Used after disband (close all sessions in chat) and leave (close only the
+ * leaving bot's sessions in chat) so the UI doesn't end up with zombie workers
+ * pointing at a chat the bot can no longer post into.
+ */
+async function closeSessionsMatching(pred) {
+    const matching = aggregator.getSessions().filter(s => s.status !== 'closed' && pred(s));
+    return Promise.all(matching.map(async (s) => {
+        try {
+            const upstream = await proxyToDaemon(s.larkAppId, `/api/sessions/${encodeURIComponent(s.sessionId)}/close`, { method: 'POST' });
+            const text = await upstream.text();
+            let body = null;
+            try {
+                body = JSON.parse(text);
+            }
+            catch { /* tolerate */ }
+            return {
+                sessionId: s.sessionId,
+                ok: !!body?.ok,
+                error: body?.ok ? undefined : (body?.error ?? `http_${upstream.status}`),
+            };
+        }
+        catch (e) {
+            return { sessionId: s.sessionId, ok: false, error: e?.message ?? String(e) };
+        }
+    }));
+}
+const server = createServer(async (req, res) => {
+    try {
+        const url = new URL(req.url ?? '/', `http://${req.headers.host ?? 'localhost'}`);
+        // Health probe (no auth) — for pm2
+        if (url.pathname === '/__health') {
+            return jsonRes(res, 200, { ok: true });
+        }
+        // CLI rotate (HMAC + loopback only) — for `botmux dashboard`
+        if (req.method === 'POST' && url.pathname === '/__cli/rotate') {
+            const ts = req.headers['x-botmux-cli-ts'];
+            const nonce = req.headers['x-botmux-cli-nonce'];
+            const sig = req.headers['x-botmux-cli-auth'];
+            if (typeof ts !== 'string' || typeof nonce !== 'string' || typeof sig !== 'string') {
+                return jsonRes(res, 400, { error: 'missing_headers' });
+            }
+            const remote = (req.socket.remoteAddress ?? '').replace(/^::ffff:/, '');
+            const r = verifyHmac(SECRET, { ts, nonce, sig }, remote);
+            if (!r.ok)
+                return jsonRes(res, 401, { error: 'unauthorized', reason: r.reason });
+            activeToken = generateToken();
+            const fullUrl = `http://${config.dashboard.externalHost}:${config.dashboard.port}/?t=${activeToken}`;
+            return jsonRes(res, 200, { url: fullUrl });
+        }
+        // All other paths require an authenticated session.
+        const tok = authedToken(req, url);
+        if (!tok || tok !== activeToken) {
+            res.writeHead(401, { 'content-type': 'text/html; charset=utf-8' });
+            res.end('<h1>Token expired</h1><p>Run <code>botmux dashboard</code> to get a fresh URL.</p>');
+            return;
+        }
+        // First hit with `?t=<token>` sets the cookie + redirects to clean URL.
+        if (url.searchParams.has('t')) {
+            res.writeHead(302, {
+                'set-cookie': buildSetCookie(tok),
+                'location': url.pathname || '/',
+            });
+            res.end();
+            return;
+        }
+        // ─── Static frontend (index.html + /assets/*) ──────────────────────────
+        if (req.method === 'GET' && (url.pathname === '/' || url.pathname.startsWith('/assets/'))) {
+            // Map /assets/foo.js → WEB_DIR/foo.js
+            const lookupPath = url.pathname.startsWith('/assets/')
+                ? '/' + url.pathname.slice(8)
+                : url.pathname;
+            if (serveStatic(req, res, lookupPath))
+                return;
+        }
+        // ─── Public API (cookie/token already validated above) ──────────────────
+        if (req.method === 'GET' && url.pathname === '/api/sessions') {
+            return jsonRes(res, 200, { sessions: aggregator.getSessions() });
+        }
+        if (req.method === 'GET' && url.pathname === '/api/schedules') {
+            return jsonRes(res, 200, { schedules: aggregator.getSchedules() });
+        }
+        let m;
+        if (req.method === 'POST' && (m = url.pathname.match(/^\/api\/sessions\/([^/]+)\/(close|locate)$/))) {
+            const sid = decodeURIComponent(m[1]);
+            const op = m[2];
+            const owner = aggregator.ownerOf(sid);
+            if (!owner)
+                return jsonRes(res, 404, { ok: false, error: 'unknown_session' });
+            const upstream = await proxyToDaemon(owner, `/api/sessions/${sid}/${op}`, { method: 'POST' });
+            res.writeHead(upstream.status, { 'content-type': 'application/json' });
+            res.end(await upstream.text());
+            return;
+        }
+        if (req.method === 'POST' && (m = url.pathname.match(/^\/api\/schedules\/([^/]+)\/(run|pause|resume)$/))) {
+            const id = decodeURIComponent(m[1]);
+            const op = m[2];
+            const owner = aggregator.scheduleOwnerOf(id);
+            if (!owner)
+                return jsonRes(res, 404, { ok: false, error: 'unknown_schedule' });
+            const upstream = await proxyToDaemon(owner, `/api/schedules/${id}/${op}`, { method: 'POST' });
+            res.writeHead(upstream.status, { 'content-type': 'application/json' });
+            res.end(await upstream.text());
+            return;
+        }
+        // ─── Groups (Phase B) ────────────────────────────────────────────────────
+        if (req.method === 'GET' && url.pathname === '/api/groups') {
+            // Fan out: each online daemon returns the chats its bot is in.
+            // Merge by chatId; populate memberBots with inChat flags for every configured bot.
+            const out = new Map();
+            // Sort by botIndex so the matrix columns + the create-group bot picker
+            // both match the order in bots.json (fs.readdir order is unstable).
+            const onlineBots = [...registry.list()].sort((a, b) => a.botIndex - b.botIndex);
+            await Promise.all(onlineBots.map(async (d) => {
+                try {
+                    const r = await fetch(`http://127.0.0.1:${d.ipcPort}/api/groups`);
+                    if (!r.ok)
+                        return;
+                    const j = await r.json();
+                    for (const c of j.chats ?? []) {
+                        // Strip per-bot fields from chat-level so the merged record stays
+                        // bot-agnostic. oncallChat lives inside memberBots; firstSeenAt is
+                        // accumulated as the earliest observation across all bots.
+                        const { oncallChat, firstSeenAt, ...chatBase } = c;
+                        const cur = out.get(c.chatId) ?? { ...chatBase, memberBots: [], _firstSeenAt: null };
+                        cur.memberBots.push({
+                            larkAppId: d.larkAppId,
+                            botName: d.botName,
+                            inChat: true,
+                            oncallChat: oncallChat ?? null,
+                        });
+                        if (typeof firstSeenAt === 'number') {
+                            cur._firstSeenAt = cur._firstSeenAt === null
+                                ? firstSeenAt
+                                : Math.min(cur._firstSeenAt, firstSeenAt);
+                        }
+                        out.set(c.chatId, cur);
+                    }
+                }
+                catch { /* skip offline daemons silently — best-effort */ }
+            }));
+            // Fill in inChat:false slots for bots NOT returned for a given chat (matrix view)
+            for (const c of out.values()) {
+                const present = new Set(c.memberBots.map((mb) => mb.larkAppId));
+                for (const b of onlineBots) {
+                    if (!present.has(b.larkAppId)) {
+                        c.memberBots.push({ larkAppId: b.larkAppId, botName: b.botName, inChat: false, oncallChat: null });
+                    }
+                }
+            }
+            // Sort newest-first by client-side firstSeenAt (Lark exposes no chat
+            // create_time, so daemon stamps timestamps the first time it lists each
+            // chat). Tie-break by name asc so chats backfilled in the same listChats
+            // pass — typically every chat on first deploy — get a stable order.
+            const sorted = [...out.values()]
+                .sort((a, b) => {
+                const ta = a._firstSeenAt ?? 0;
+                const tb = b._firstSeenAt ?? 0;
+                if (tb !== ta)
+                    return tb - ta;
+                return (a.name ?? a.chatId).localeCompare(b.name ?? b.chatId);
+            })
+                .map(({ _firstSeenAt, ...rest }) => rest);
+            return jsonRes(res, 200, {
+                chats: sorted,
+                bots: onlineBots.map(b => ({ larkAppId: b.larkAppId, botName: b.botName })),
+            });
+        }
+        let m2;
+        if (req.method === 'POST' && (m2 = url.pathname.match(/^\/api\/groups\/([^/]+)\/add-bots$/))) {
+            const chatId = decodeURIComponent(m2[1]);
+            // Read body once; we'll forward it to the proxy daemon
+            let raw;
+            try {
+                const chunks = [];
+                for await (const c of req)
+                    chunks.push(c);
+                raw = Buffer.concat(chunks).toString('utf8') || '{}';
+                JSON.parse(raw); // validate is JSON
+            }
+            catch {
+                return jsonRes(res, 400, { ok: false, error: 'bad_json' });
+            }
+            // Find a daemon whose bot is already in this chat
+            let proxy;
+            for (const d of registry.list()) {
+                try {
+                    const r = await fetch(`http://127.0.0.1:${d.ipcPort}/api/groups/${encodeURIComponent(chatId)}/membership`);
+                    if (!r.ok)
+                        continue;
+                    const j = await r.json();
+                    if (j.inChat) {
+                        proxy = d;
+                        break;
+                    }
+                }
+                catch { /* skip */ }
+            }
+            if (!proxy)
+                return jsonRes(res, 200, { ok: false, error: 'no_proxy_bot' });
+            const upstream = await fetch(`http://127.0.0.1:${proxy.ipcPort}/api/groups/${encodeURIComponent(chatId)}/add-bots`, { method: 'POST', headers: { 'content-type': 'application/json' }, body: raw });
+            res.writeHead(upstream.status, { 'content-type': 'application/json' });
+            res.end(await upstream.text());
+            return;
+        }
+        // Disband a chat. Body: `{ larkAppId }` — the bot whose daemon should
+        // perform the delete. Disband only succeeds when that bot is currently
+        // the chat owner (or creator with operate_as_owner scope, which botmux
+        // doesn't request by default), so the frontend is responsible for picking
+        // a viable bot. The route just proxies and surfaces Lark's error verbatim.
+        let mDisband;
+        if (req.method === 'POST' && (mDisband = url.pathname.match(/^\/api\/groups\/([^/]+)\/disband$/))) {
+            const chatId = decodeURIComponent(mDisband[1]);
+            let parsed;
+            try {
+                const chunks = [];
+                for await (const c of req)
+                    chunks.push(c);
+                parsed = JSON.parse(Buffer.concat(chunks).toString('utf8') || '{}');
+            }
+            catch {
+                return jsonRes(res, 400, { ok: false, error: 'bad_json' });
+            }
+            const appId = typeof parsed.larkAppId === 'string' ? parsed.larkAppId : '';
+            if (!appId)
+                return jsonRes(res, 400, { ok: false, error: 'larkAppId_required' });
+            const upstream = await proxyToDaemon(appId, `/api/groups/${encodeURIComponent(chatId)}/disband`, { method: 'POST' });
+            const upstreamText = await upstream.text();
+            let upstreamJson = null;
+            try {
+                upstreamJson = JSON.parse(upstreamText);
+            }
+            catch { /* tolerate */ }
+            // On successful disband, the chat is gone for everyone — every bot's
+            // session in this chat becomes a zombie (worker still alive, can't post).
+            // Close them all so the UI / Sessions list don't keep them as active.
+            let closedSessions = [];
+            if (upstreamJson?.ok) {
+                closedSessions = await closeSessionsMatching(s => s.chatId === chatId);
+            }
+            res.writeHead(upstream.status, { 'content-type': 'application/json' });
+            res.end(JSON.stringify({ ...(upstreamJson ?? {}), closedSessions }));
+            return;
+        }
+        // Make selected bots leave a chat. Body: `{ larkAppIds: string[] }`.  Each
+        // bot is removed via its own daemon (Lark allows self-removal under any
+        // role). Per-bot results returned so the UI can show partial successes.
+        let mLeave;
+        if (req.method === 'POST' && (mLeave = url.pathname.match(/^\/api\/groups\/([^/]+)\/leave$/))) {
+            const chatId = decodeURIComponent(mLeave[1]);
+            let parsed;
+            try {
+                const chunks = [];
+                for await (const c of req)
+                    chunks.push(c);
+                parsed = JSON.parse(Buffer.concat(chunks).toString('utf8') || '{}');
+            }
+            catch {
+                return jsonRes(res, 400, { ok: false, error: 'bad_json' });
+            }
+            const ids = Array.isArray(parsed.larkAppIds)
+                ? parsed.larkAppIds.filter((x) => typeof x === 'string')
+                : [];
+            if (ids.length === 0)
+                return jsonRes(res, 400, { ok: false, error: 'larkAppIds_required' });
+            // Re-check membership on the daemon side before issuing leave — UI cache
+            // can be stale, and Lark's bot-self-remove returns a confusing error if
+            // the bot isn't actually in the chat. Skipping such bots up-front keeps
+            // the per-bot result useful (`not_in_chat`) instead of a vague API error.
+            const result = await Promise.all(ids.map(async (appId) => {
+                const d = registry.getByAppId(appId);
+                if (!d)
+                    return { larkAppId: appId, ok: false, error: 'daemon_offline' };
+                try {
+                    const memRes = await fetch(`http://127.0.0.1:${d.ipcPort}/api/groups/${encodeURIComponent(chatId)}/membership`);
+                    const memJson = await memRes.json();
+                    if (!memJson.inChat)
+                        return { larkAppId: appId, ok: false, error: 'not_in_chat' };
+                }
+                catch (e) {
+                    return { larkAppId: appId, ok: false, error: `membership_check_failed: ${e?.message ?? e}` };
+                }
+                const upstream = await proxyToDaemon(appId, `/api/groups/${encodeURIComponent(chatId)}/leave`, { method: 'POST' });
+                const text = await upstream.text();
+                let body = null;
+                try {
+                    body = JSON.parse(text);
+                }
+                catch { /* tolerate */ }
+                // On successful leave, the leaving bot can no longer post into the
+                // chat — its sessions there are stranded. Close only THIS bot's
+                // sessions for THIS chat (other bots may still be in the chat with
+                // their own active sessions).
+                const closedSessions = body?.ok
+                    ? await closeSessionsMatching(s => s.chatId === chatId && s.larkAppId === appId)
+                    : [];
+                return {
+                    larkAppId: appId,
+                    ok: !!body?.ok,
+                    error: body?.ok ? undefined : (body?.error ?? `http_${upstream.status}`),
+                    closedSessions,
+                };
+            }));
+            return jsonRes(res, 200, { result });
+        }
+        // ─── Oncall bindings (per chat × bot) ────────────────────────────────────
+        // PUT /api/groups/:chatId/oncall/:larkAppId    body: {workingDir}
+        // DELETE /api/groups/:chatId/oncall/:larkAppId
+        let mOncall;
+        if ((mOncall = url.pathname.match(/^\/api\/groups\/([^/]+)\/oncall\/([^/]+)$/))) {
+            const chatId = decodeURIComponent(mOncall[1]);
+            const appId = decodeURIComponent(mOncall[2]);
+            if (req.method === 'PUT') {
+                const chunks = [];
+                for await (const c of req)
+                    chunks.push(c);
+                const raw = Buffer.concat(chunks).toString('utf8') || '{}';
+                const upstream = await proxyToDaemon(appId, `/api/oncall/${encodeURIComponent(chatId)}`, { method: 'PUT', headers: { 'content-type': 'application/json' }, body: raw });
+                res.writeHead(upstream.status, { 'content-type': 'application/json' });
+                res.end(await upstream.text());
+                return;
+            }
+            if (req.method === 'DELETE') {
+                const upstream = await proxyToDaemon(appId, `/api/oncall/${encodeURIComponent(chatId)}`, { method: 'DELETE' });
+                res.writeHead(upstream.status, { 'content-type': 'application/json' });
+                res.end(await upstream.text());
+                return;
+            }
+        }
+        // ─── Per-bot defaults (Bot Defaults tab) ─────────────────────────────────
+        // GET  /api/bots                         — fan out to each daemon, return
+        //                                          [{larkAppId, botName, defaultOncall, ...}]
+        // PUT  /api/bots/:appId/default-oncall   — proxy to that bot's daemon
+        if (req.method === 'GET' && url.pathname === '/api/bots') {
+            const onlineBots = [...registry.list()].sort((a, b) => a.botIndex - b.botIndex);
+            const out = await Promise.all(onlineBots.map(async (d) => {
+                try {
+                    const r = await fetch(`http://127.0.0.1:${d.ipcPort}/api/bot-default-oncall`);
+                    if (!r.ok) {
+                        return { larkAppId: d.larkAppId, botName: d.botName, online: true, error: `http_${r.status}` };
+                    }
+                    const j = await r.json();
+                    return {
+                        larkAppId: d.larkAppId,
+                        botName: d.botName ?? j.botName,
+                        online: true,
+                        defaultOncall: j.defaultOncall,
+                        autoboundChatCount: j.autoboundChatCount ?? 0,
+                    };
+                }
+                catch (e) {
+                    return { larkAppId: d.larkAppId, botName: d.botName, online: true, error: e?.message ?? String(e) };
+                }
+            }));
+            return jsonRes(res, 200, { bots: out });
+        }
+        let mBotDef;
+        if (req.method === 'PUT' && (mBotDef = url.pathname.match(/^\/api\/bots\/([^/]+)\/default-oncall$/))) {
+            const appId = decodeURIComponent(mBotDef[1]);
+            const chunks = [];
+            for await (const c of req)
+                chunks.push(c);
+            const raw = Buffer.concat(chunks).toString('utf8') || '{}';
+            const upstream = await proxyToDaemon(appId, `/api/bot-default-oncall`, {
+                method: 'PUT',
+                headers: { 'content-type': 'application/json' },
+                body: raw,
+            });
+            res.writeHead(upstream.status, { 'content-type': 'application/json' });
+            res.end(await upstream.text());
+            return;
+        }
+        // Create a new chat — pick a creator from the user-selected larkAppIds
+        // (Feishu makes the calling bot the implicit first member, so picking
+        // anything else would silently add an unwanted bot). Auto-invite the
+        // operator using the creator bot's pre-resolved allowedUsers — open_ids
+        // are app-scoped, so creator daemon and operator open_id come from the
+        // SAME bot by construction. See dashboard/operator-selector.ts.
+        if (req.method === 'POST' && url.pathname === '/api/groups/create') {
+            let parsed;
+            try {
+                const chunks = [];
+                for await (const c of req)
+                    chunks.push(c);
+                const raw = Buffer.concat(chunks).toString('utf8') || '{}';
+                parsed = JSON.parse(raw);
+            }
+            catch {
+                return jsonRes(res, 400, { ok: false, error: 'bad_json' });
+            }
+            const selectedIds = Array.isArray(parsed.larkAppIds)
+                ? parsed.larkAppIds.filter((x) => typeof x === 'string')
+                : [];
+            if (selectedIds.length === 0) {
+                return jsonRes(res, 400, { ok: false, error: 'larkAppIds_required' });
+            }
+            const explicit = Array.isArray(parsed.userOpenIds)
+                ? parsed.userOpenIds.filter((x) => typeof x === 'string')
+                : [];
+            const pick = pickCreatorForGroup(selectedIds, (id) => {
+                const d = registry.getByAppId(id);
+                return d ? { larkAppId: d.larkAppId, resolvedAllowedUsers: d.resolvedAllowedUsers ?? [] } : undefined;
+            });
+            if (!pick) {
+                return jsonRes(res, 503, { ok: false, error: 'no_online_daemon' });
+            }
+            const creator = registry.getByAppId(pick.creatorLarkAppId);
+            const merged = new Set([...explicit, ...pick.userOpenIds]);
+            // Auto-invite/transfer/notify target: prefer the explicit open_id passed
+            // by the caller (rare API consumer use), else the creator bot's first
+            // resolved allowlist entry.
+            const autoInvited = explicit[0] ?? pick.userOpenIds[0] ?? null;
+            const forwardBody = {
+                name: typeof parsed.name === 'string' ? parsed.name : undefined,
+                larkAppIds: selectedIds,
+                userOpenIds: [...merged],
+                // Auto-transfer ownership to the auto-invited operator. Scope-safe
+                // because the open_id was sourced from the creator bot's own allowlist.
+                transferOwnerTo: autoInvited ?? undefined,
+                // Send an @-mention message into the new chat so the operator gets a
+                // Feishu push notification — being a chat member alone doesn't always
+                // surface the chat in their sidebar (esp. mobile).
+                notifyOwnerOpenId: autoInvited ?? undefined,
+            };
+            const upstream = await fetch(`http://127.0.0.1:${creator.ipcPort}/api/groups/create`, { method: 'POST', headers: { 'content-type': 'application/json' }, body: JSON.stringify(forwardBody) });
+            const upstreamText = await upstream.text();
+            let upstreamJson = null;
+            try {
+                upstreamJson = JSON.parse(upstreamText);
+            }
+            catch { /* leave null */ }
+            if (upstreamJson && typeof upstreamJson === 'object') {
+                // If Lark rejected the invite (open_id wrong scope, banned user, etc.)
+                // null out autoInvitedOpenId so the frontend doesn't falsely claim
+                // success — the user actually isn't a member of the new chat.
+                const invalidUsers = Array.isArray(upstreamJson.invalidUserIds)
+                    ? upstreamJson.invalidUserIds
+                    : [];
+                if (autoInvited && invalidUsers.includes(autoInvited)) {
+                    upstreamJson.autoInvitedOpenId = null;
+                    upstreamJson.autoInviteRejected = true;
+                    // ownerTransferredTo is already null from daemon (it skips transfer
+                    // when invitee_rejected), so nothing more to do here.
+                }
+                else {
+                    upstreamJson.autoInvitedOpenId = autoInvited;
+                }
+            }
+            res.writeHead(upstream.status, { 'content-type': 'application/json' });
+            res.end(upstreamJson ? JSON.stringify(upstreamJson) : upstreamText);
+            return;
+        }
+        // Public SSE — relays aggregator's listener events
+        if (req.method === 'GET' && url.pathname === '/events') {
+            res.writeHead(200, {
+                'content-type': 'text/event-stream',
+                'cache-control': 'no-cache, no-transform',
+                'connection': 'keep-alive',
+            });
+            res.write('retry: 5000\n\n');
+            const off = aggregator.on(ev => {
+                res.write(`event: ${ev.type}\ndata: ${JSON.stringify({ larkAppId: ev.larkAppId, body: ev.body })}\n\n`);
+            });
+            const hb = setInterval(() => {
+                res.write(`event: heartbeat\ndata: ${JSON.stringify({ ts: Date.now() })}\n\n`);
+            }, 15_000);
+            res.on('close', () => { off(); clearInterval(hb); });
+            return;
+        }
+        // Public API + static frontend land in Task 17 / 18. For now: 404.
+        jsonRes(res, 404, { error: 'not_found_yet', path: url.pathname });
+    }
+    catch (err) {
+        logger.error('[dashboard] handler error', err);
+        if (!res.headersSent)
+            jsonRes(res, 500, { error: String(err) });
+    }
+});
+server.listen(config.dashboard.port, config.dashboard.host, () => {
+    logger.info(`[dashboard] listening on ${config.dashboard.host}:${config.dashboard.port}`);
+});
+// Graceful shutdown
+function shutdown() {
+    for (const off of subs.values())
+        off();
+    subs.clear();
+    registry.stop();
+    server.close(() => process.exit(0));
+    // Hard-exit fallback after 5s
+    setTimeout(() => process.exit(0), 5_000).unref();
+}
+process.on('SIGTERM', shutdown);
+process.on('SIGINT', shutdown);
+//# sourceMappingURL=dashboard.js.map