npm - heyhank - Versions diffs - 0.1.0 - Mend

heyhank 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

package/README.md +40 -0
package/bin/cli.ts +168 -0
package/bin/ctl.ts +528 -0
package/bin/generate-token.ts +28 -0
package/dist/apple-touch-icon.png +0 -0
package/dist/assets/AgentsPage-BPhirnCe.js +7 -0
package/dist/assets/AssistantPage-DJ-cMQfb.js +1 -0
package/dist/assets/CronManager-DDbz-yiT.js +1 -0
package/dist/assets/HelpPage-DMfkzERp.js +1 -0
package/dist/assets/IntegrationsPage-CrOitCmJ.js +1 -0
package/dist/assets/MediaPage-CE5rdvkC.js +1 -0
package/dist/assets/PlatformDashboard-Do6F0O2p.js +1 -0
package/dist/assets/Playground-Fc5cdc5p.js +109 -0
package/dist/assets/ProcessPanel-CslEiZkI.js +2 -0
package/dist/assets/PromptsPage-D2EhsdNO.js +4 -0
package/dist/assets/RunsPage-C5BZF5Rx.js +1 -0
package/dist/assets/SandboxManager-a1AVI5q2.js +8 -0
package/dist/assets/SettingsPage-DirhjQrJ.js +51 -0
package/dist/assets/SocialMediaPage-DBuM28vD.js +1 -0
package/dist/assets/TailscalePage-CHiFhZXF.js +1 -0
package/dist/assets/TelephonyPage-x0VV0fOo.js +1 -0
package/dist/assets/TerminalPage-Drwyrnfd.js +1 -0
package/dist/assets/gemini-audio-t-TSU-To.js +17 -0
package/dist/assets/gemini-live-client-C7rqAW7G.js +166 -0
package/dist/assets/index-C8M_PUmX.css +32 -0
package/dist/assets/index-CEqZnThB.js +204 -0
package/dist/assets/sw-register-LSSpj6RU.js +1 -0
package/dist/assets/time-ago-B6r_l9u1.js +1 -0
package/dist/assets/workbox-window.prod.es5-BIl4cyR9.js +2 -0
package/dist/favicon-32-original.png +0 -0
package/dist/favicon-32.png +0 -0
package/dist/favicon.ico +0 -0
package/dist/favicon.svg +8 -0
package/dist/fonts/MesloLGSNerdFontMono-Bold.woff2 +0 -0
package/dist/fonts/MesloLGSNerdFontMono-Regular.woff2 +0 -0
package/dist/heyhank-mascot-poster.png +0 -0
package/dist/heyhank-mascot.mp4 +0 -0
package/dist/heyhank-mascot.webm +0 -0
package/dist/icon-192-original.png +0 -0
package/dist/icon-192.png +0 -0
package/dist/icon-512-original.png +0 -0
package/dist/icon-512.png +0 -0
package/dist/index.html +21 -0
package/dist/logo-192.png +0 -0
package/dist/logo-512.png +0 -0
package/dist/logo-codex.svg +14 -0
package/dist/logo-docker.svg +4 -0
package/dist/logo-original.png +0 -0
package/dist/logo.png +0 -0
package/dist/logo.svg +14 -0
package/dist/manifest.json +24 -0
package/dist/push-sw.js +34 -0
package/dist/sw.js +1 -0
package/dist/workbox-d2a0910a.js +1 -0
package/package.json +109 -0
package/server/agent-cron-migrator.ts +85 -0
package/server/agent-executor.ts +357 -0
package/server/agent-store.ts +185 -0
package/server/agent-timeout.ts +107 -0
package/server/agent-types.ts +122 -0
package/server/ai-validation-settings.ts +37 -0
package/server/ai-validator.ts +181 -0
package/server/anthropic-provider-migration.ts +48 -0
package/server/assistant-store.ts +272 -0
package/server/auth-manager.ts +150 -0
package/server/auto-approve.ts +153 -0
package/server/auto-namer.ts +36 -0
package/server/backend-adapter.ts +54 -0
package/server/cache-headers.ts +61 -0
package/server/calendar-service.ts +434 -0
package/server/claude-adapter.ts +889 -0
package/server/claude-container-auth.ts +30 -0
package/server/claude-session-discovery.ts +157 -0
package/server/claude-session-history.ts +410 -0
package/server/cli-launcher.ts +1303 -0
package/server/codex-adapter.ts +3027 -0
package/server/codex-container-auth.ts +24 -0
package/server/codex-home.ts +27 -0
package/server/codex-ws-proxy.cjs +226 -0
package/server/commands-discovery.ts +81 -0
package/server/constants.ts +7 -0
package/server/container-manager.ts +1053 -0
package/server/cost-tracker.ts +222 -0
package/server/cron-scheduler.ts +243 -0
package/server/cron-store.ts +148 -0
package/server/cron-types.ts +63 -0
package/server/email-service.ts +354 -0
package/server/env-manager.ts +161 -0
package/server/event-bus-types.ts +75 -0
package/server/event-bus.ts +124 -0
package/server/execution-store.ts +170 -0
package/server/federation/node-connection.ts +190 -0
package/server/federation/node-manager.ts +366 -0
package/server/federation/node-store.ts +86 -0
package/server/federation/node-types.ts +121 -0
package/server/fs-utils.ts +15 -0
package/server/git-utils.ts +421 -0
package/server/github-pr.ts +379 -0
package/server/google-media.ts +342 -0
package/server/image-pull-manager.ts +279 -0
package/server/index.ts +491 -0
package/server/internal-ai.ts +237 -0
package/server/kill-switch.ts +99 -0
package/server/llm-providers.ts +342 -0
package/server/logger.ts +259 -0
package/server/mcp-registry.ts +401 -0
package/server/message-bus.ts +271 -0
package/server/message-delivery.ts +128 -0
package/server/metrics-collector.ts +350 -0
package/server/metrics-types.ts +108 -0
package/server/middleware/managed-auth.ts +195 -0
package/server/novnc-proxy.ts +99 -0
package/server/path-resolver.ts +186 -0
package/server/paths.ts +13 -0
package/server/pr-poller.ts +162 -0
package/server/prompt-manager.ts +211 -0
package/server/protocol/claude-upstream/README.md +19 -0
package/server/protocol/claude-upstream/sdk.d.ts.txt +1943 -0
package/server/protocol/codex-upstream/ClientNotification.ts.txt +5 -0
package/server/protocol/codex-upstream/ClientRequest.ts.txt +60 -0
package/server/protocol/codex-upstream/README.md +18 -0
package/server/protocol/codex-upstream/ServerNotification.ts.txt +41 -0
package/server/protocol/codex-upstream/ServerRequest.ts.txt +16 -0
package/server/protocol/codex-upstream/v2/DynamicToolCallParams.ts.txt +6 -0
package/server/protocol/codex-upstream/v2/DynamicToolCallResponse.ts.txt +6 -0
package/server/protocol-monitor.ts +50 -0
package/server/provider-manager.ts +111 -0
package/server/provider-registry.ts +393 -0
package/server/push-notifications.ts +221 -0
package/server/recorder.ts +374 -0
package/server/recording-hub/compat-validator.ts +284 -0
package/server/recording-hub/diagnostics.ts +299 -0
package/server/recording-hub/hub-config.ts +19 -0
package/server/recording-hub/hub-routes.ts +236 -0
package/server/recording-hub/hub-store.ts +265 -0
package/server/recording-hub/replay-adapter.ts +207 -0
package/server/relay-client.ts +320 -0
package/server/reminder-scheduler.ts +38 -0
package/server/replay.ts +78 -0
package/server/routes/agent-routes.ts +264 -0
package/server/routes/assistant-routes.ts +90 -0
package/server/routes/cron-routes.ts +103 -0
package/server/routes/env-routes.ts +95 -0
package/server/routes/federation-routes.ts +76 -0
package/server/routes/fs-routes.ts +622 -0
package/server/routes/git-routes.ts +97 -0
package/server/routes/llm-routes.ts +166 -0
package/server/routes/media-routes.ts +135 -0
package/server/routes/metrics-routes.ts +13 -0
package/server/routes/platform-routes.ts +1379 -0
package/server/routes/prompt-routes.ts +67 -0
package/server/routes/provider-routes.ts +109 -0
package/server/routes/sandbox-routes.ts +127 -0
package/server/routes/settings-routes.ts +285 -0
package/server/routes/skills-routes.ts +100 -0
package/server/routes/socialmedia-routes.ts +208 -0
package/server/routes/system-routes.ts +228 -0
package/server/routes/tailscale-routes.ts +22 -0
package/server/routes/telephony-routes.ts +259 -0
package/server/routes.ts +1379 -0
package/server/sandbox-manager.ts +168 -0
package/server/service.ts +718 -0
package/server/session-creation-service.ts +457 -0
package/server/session-git-info.ts +104 -0
package/server/session-names.ts +67 -0
package/server/session-orchestrator.ts +824 -0
package/server/session-state-machine.ts +207 -0
package/server/session-store.ts +146 -0
package/server/session-types.ts +511 -0
package/server/settings-manager.ts +149 -0
package/server/shared-context.ts +157 -0
package/server/socialmedia/adapter.ts +15 -0
package/server/socialmedia/adapters/ayrshare-adapter.ts +169 -0
package/server/socialmedia/adapters/buffer-adapter.ts +299 -0
package/server/socialmedia/adapters/postiz-adapter.ts +298 -0
package/server/socialmedia/manager.ts +227 -0
package/server/socialmedia/store.ts +98 -0
package/server/socialmedia/types.ts +89 -0
package/server/tailscale-manager.ts +451 -0
package/server/telephony/audio-bridge.ts +331 -0
package/server/telephony/call-manager.ts +457 -0
package/server/telephony/call-types.ts +108 -0
package/server/telephony/telephony-store.ts +119 -0
package/server/terminal-manager.ts +240 -0
package/server/update-checker.ts +192 -0
package/server/usage-limits.ts +225 -0
package/server/web-push.d.ts +51 -0
package/server/worktree-tracker.ts +84 -0
package/server/ws-auth.ts +41 -0
package/server/ws-bridge-browser-ingest.ts +72 -0
package/server/ws-bridge-browser.ts +112 -0
package/server/ws-bridge-cli-ingest.ts +81 -0
package/server/ws-bridge-codex.ts +266 -0
package/server/ws-bridge-controls.ts +20 -0
package/server/ws-bridge-persist.ts +66 -0
package/server/ws-bridge-publish.ts +79 -0
package/server/ws-bridge-replay.ts +61 -0
package/server/ws-bridge-types.ts +121 -0
package/server/ws-bridge.ts +1240 -0

package/server/agent-types.ts ADDED Viewed

@@ -0,0 +1,122 @@
+// ─── Agent Types ─────────────────────────────────────────────────────────────
+export interface McpServerConfigAgent {
+  type: "stdio" | "sse" | "http";
+  command?: string;
+  args?: string[];
+  url?: string;
+  env?: Record<string, string>;
+}
+export interface AgentConfig {
+  /** Unique slug-based ID (derived from name) */
+  id: string;
+  /** Schema version for forward compat */
+  version: 1;
+  /** Human-readable name */
+  name: string;
+  /** Short description of what this agent does */
+  description: string;
+  /** Emoji or icon identifier */
+  icon?: string;
+  // ── Session Config ──
+  /** "claude", "codex", "ollama", "openrouter", or "gemini" */
+  backendType: "claude" | "codex" | "ollama" | "openrouter" | "gemini";
+  /** Model to use (e.g. "claude-sonnet-4-6") */
+  model: string;
+  /** Permission mode — "bypassPermissions" for Claude auto mode */
+  permissionMode: string;
+  /** Working directory path, or "temp" for an auto-created temp dir */
+  cwd: string;
+  /** Optional environment slug (references ~/.heyhank/envs/) */
+  envSlug?: string;
+  /** Extra environment variables */
+  env?: Record<string, string>;
+  /** Tool allowlist (empty = all tools) */
+  allowedTools?: string[];
+  /** Codex-specific: internet access */
+  codexInternetAccess?: boolean;
+  // ── Prompt ──
+  /** Prompt template. Use {{input}} as placeholder for trigger-provided input */
+  prompt: string;
+  // ── MCP Servers ──
+  /** MCP server configs to set on the session after CLI connects */
+  mcpServers?: Record<string, McpServerConfigAgent>;
+  // ── Skills ──
+  /** Skill slugs to attach (from ~/.claude/skills/) */
+  skills?: string[];
+  // ── Docker ──
+  /** Optional Docker container configuration */
+  container?: {
+    image?: string;
+    ports?: number[];
+    volumes?: string[];
+    initScript?: string;
+  };
+  // ── Git ──
+  branch?: string;
+  createBranch?: boolean;
+  useWorktree?: boolean;
+  // ── Triggers ──
+  triggers?: {
+    /** Webhook trigger config */
+    webhook?: {
+      enabled: boolean;
+      /** Auto-generated secret token for URL auth */
+      secret: string;
+    };
+    /** Cron/schedule trigger config */
+    schedule?: {
+      enabled: boolean;
+      /** Cron expression or ISO datetime */
+      expression: string;
+      /** true = recurring cron, false = one-shot */
+      recurring: boolean;
+    };
+  };
+  // ── Tracking ──
+  enabled: boolean;
+  createdAt: number;
+  updatedAt: number;
+  lastRunAt?: number;
+  lastSessionId?: string;
+  totalRuns: number;
+  consecutiveFailures: number;
+}
+/** Input for creating an agent (without auto-generated fields) */
+export type AgentConfigCreateInput = Omit<
+  AgentConfig,
+  "id" | "createdAt" | "updatedAt" | "totalRuns" | "consecutiveFailures" | "lastRunAt" | "lastSessionId"
+>;
+/** The portable/shareable JSON format (no internal tracking fields) */
+export type AgentConfigExport = Omit<
+  AgentConfig,
+  "id" | "createdAt" | "updatedAt" | "totalRuns" | "consecutiveFailures" | "lastRunAt" | "lastSessionId" | "enabled"
+>;
+export interface AgentExecution {
+  /** The session ID created for this execution */
+  sessionId: string;
+  /** The agent ID that triggered this */
+  agentId: string;
+  /** Trigger type that initiated this execution */
+  triggerType: "manual" | "webhook" | "schedule";
+  /** When the execution started */
+  startedAt: number;
+  /** When the execution completed */
+  completedAt?: number;
+  /** Whether the execution succeeded */
+  success?: boolean;
+  /** Error message if it failed */
+  error?: string;
+}

package/server/ai-validation-settings.ts ADDED Viewed

@@ -0,0 +1,37 @@
+import { getSettings } from "./settings-manager.js";
+import { hasInternalAI } from "./internal-ai.js";
+import type { SessionState } from "./session-types.js";
+export interface EffectiveAiValidationSettings {
+  enabled: boolean;
+  autoApprove: boolean;
+  autoDeny: boolean;
+  /** @deprecated Use hasInternalAI() instead. Kept for backward compat in ws-bridge checks. */
+  anthropicApiKey: string;
+}
+/**
+ * Resolve effective AI validation settings for a session.
+ * Session-level overrides take priority; falls back to global settings.
+ */
+export function getEffectiveAiValidation(
+  sessionState: SessionState,
+): EffectiveAiValidationSettings {
+  const global = getSettings();
+  return {
+    enabled:
+      sessionState.aiValidationEnabled != null
+        ? sessionState.aiValidationEnabled
+        : global.aiValidationEnabled,
+    autoApprove:
+      sessionState.aiValidationAutoApprove != null
+        ? sessionState.aiValidationAutoApprove
+        : global.aiValidationAutoApprove,
+    autoDeny:
+      sessionState.aiValidationAutoDeny != null
+        ? sessionState.aiValidationAutoDeny
+        : global.aiValidationAutoDeny,
+    // For backward compat: return a truthy string if any AI provider is available
+    anthropicApiKey: hasInternalAI() ? "configured" : "",
+  };
+}

package/server/ai-validator.ts ADDED Viewed

@@ -0,0 +1,181 @@
+import { callInternalAI } from "./internal-ai.js";
+const AI_TIMEOUT_MS = 5_000;
+export type AiVerdict = "safe" | "dangerous" | "uncertain";
+export interface AiValidationResult {
+  verdict: AiVerdict;
+  reason: string;
+  ruleBasedOnly: boolean;
+}
+// Tools that are always safe (read-only, no side effects)
+const SAFE_TOOLS = new Set(["Read", "Glob", "Grep", "Task"]);
+// Tools that should always be shown to the user (interactive)
+const ALWAYS_MANUAL_TOOLS = new Set(["AskUserQuestion", "ExitPlanMode"]);
+// Dangerous patterns for Bash commands
+const DANGEROUS_BASH_PATTERNS: Array<{ pattern: RegExp; reason: string }> = [
+  { pattern: /\brm\s+(-\w*r\w*\s+(-\w*f\w*\s+)?|(-\w*f\w*\s+)?-\w*r\w*\s+)[/~.]/, reason: "Recursive delete of root, home, or current directory" },
+  { pattern: /\|\s*(ba)?sh\b/, reason: "Piping content to shell execution" },
+  { pattern: /\|\s*bash\b/, reason: "Piping content to bash" },
+  { pattern: /\bcurl\b.*\|\s*(ba)?sh/, reason: "Piping remote content to shell" },
+  { pattern: /\bwget\b.*\|\s*(ba)?sh/, reason: "Piping remote download to shell" },
+  { pattern: /^\s*sudo\b/, reason: "Privilege escalation with sudo" },
+  { pattern: /\bgit\s+push\s+.*(-f|--force)\b/, reason: "Force pushing to remote" },
+  { pattern: /\bgit\s+push\s+(-f|--force)\b/, reason: "Force pushing to remote" },
+  { pattern: /\bDROP\s+(DATABASE|TABLE)\b/i, reason: "Dropping database or table" },
+  { pattern: /\bTRUNCATE\s+TABLE\b/i, reason: "Truncating table" },
+  { pattern: /\bmkfs\b/, reason: "Formatting filesystem" },
+  { pattern: /\bdd\s+if=/, reason: "Direct disk write with dd" },
+  { pattern: /:\(\)\s*\{\s*:\|:&\s*\}\s*;?\s*:/, reason: "Fork bomb" },
+  { pattern: /\b(shutdown|reboot|init\s+0)\b/, reason: "System shutdown or reboot" },
+  { pattern: />\s*\/dev\/[hs]d[a-z]/, reason: "Writing to block device" },
+  { pattern: /\bchmod\s+777\b/, reason: "Setting overly permissive file permissions" },
+];
+// Sensitive file paths for Write/Edit tools
+const SENSITIVE_PATH_PATTERNS: Array<{ pattern: RegExp; reason: string }> = [
+  { pattern: /\/etc\/passwd\b/, reason: "Modifying system password file" },
+  { pattern: /\/etc\/shadow\b/, reason: "Modifying system shadow file" },
+  { pattern: /\/etc\/sudoers\b/, reason: "Modifying sudoers file" },
+  { pattern: /\.ssh\/authorized_keys\b/, reason: "Modifying SSH authorized keys" },
+  { pattern: /\.ssh\/id_[a-z]+\b/, reason: "Modifying SSH private keys" },
+];
+/**
+ * Rule-based pre-filter: returns a verdict without making any API call,
+ * or null if the tool call needs AI evaluation.
+ */
+export function ruleBasedFilter(
+  toolName: string,
+  input: Record<string, unknown>,
+): AiValidationResult | null {
+  // Always-safe read-only tools
+  if (SAFE_TOOLS.has(toolName)) {
+    return { verdict: "safe", reason: `${toolName} is a read-only tool`, ruleBasedOnly: true };
+  }
+  // Always-manual interactive tools
+  if (ALWAYS_MANUAL_TOOLS.has(toolName)) {
+    return { verdict: "uncertain", reason: "Interactive tool requires user input", ruleBasedOnly: true };
+  }
+  // Bash command analysis
+  if (toolName === "Bash" || toolName === "bash") {
+    const command = typeof input.command === "string" ? input.command : "";
+    for (const { pattern, reason } of DANGEROUS_BASH_PATTERNS) {
+      if (pattern.test(command)) {
+        return { verdict: "dangerous", reason, ruleBasedOnly: true };
+      }
+    }
+  }
+  // Write/Edit sensitive path analysis
+  if (toolName === "Write" || toolName === "Edit") {
+    const filePath = typeof input.file_path === "string"
+      ? input.file_path
+      : typeof input.path === "string"
+        ? input.path
+        : "";
+    for (const { pattern, reason } of SENSITIVE_PATH_PATTERNS) {
+      if (pattern.test(filePath)) {
+        return { verdict: "dangerous", reason, ruleBasedOnly: true };
+      }
+    }
+  }
+  // No rule matched — needs AI evaluation
+  return null;
+}
+const SYSTEM_PROMPT = `You are a security validator for a coding assistant. You evaluate tool calls and classify them as "safe", "dangerous", or "uncertain".
+Respond with exactly one JSON object on a single line:
+{"verdict": "safe"|"dangerous"|"uncertain", "reason": "brief explanation"}
+Rules:
+- "safe": The operation is clearly non-destructive (reading files, creating new files in project dirs, standard dev commands like npm install/test, git commit, running tests, writing code)
+- "dangerous": The operation could cause data loss, security issues, or system damage (deleting files recursively, modifying system files, running untrusted scripts, force-pushing, dropping databases, privilege escalation)
+- "uncertain": You cannot confidently determine safety (complex bash pipelines, unfamiliar tools, ambiguous file operations)
+Be conservative: when in doubt, say "uncertain" rather than "safe".`;
+/**
+ * Call the configured internal AI provider to evaluate a tool call.
+ */
+export async function aiEvaluate(
+  toolName: string,
+  input: Record<string, unknown>,
+  description?: string,
+): Promise<AiValidationResult> {
+  const inputStr = JSON.stringify(input, null, 0);
+  const truncatedInput = inputStr.length > 1000 ? inputStr.slice(0, 1000) + "..." : inputStr;
+  let userPrompt = `Tool: ${toolName}\nInput: ${truncatedInput}`;
+  if (description) {
+    userPrompt += `\nDescription: ${description}`;
+  }
+  const result = await callInternalAI({
+    systemPrompt: SYSTEM_PROMPT,
+    userPrompt,
+    maxTokens: 256,
+    temperature: 0,
+    timeoutMs: AI_TIMEOUT_MS,
+  });
+  if (!result.ok) {
+    console.warn(`[ai-validator] AI evaluation failed: ${result.error}`);
+    return { verdict: "uncertain", reason: result.error || "AI evaluation failed", ruleBasedOnly: false };
+  }
+  return parseAiResponse(result.text);
+}
+/**
+ * Parse the AI model's JSON response into a structured result.
+ */
+export function parseAiResponse(raw: string): AiValidationResult {
+  try {
+    // Try to extract JSON from the response (the model may include extra text)
+    const jsonMatch = raw.match(/\{[^}]*"verdict"\s*:\s*"[^"]*"[^}]*\}/);
+    if (!jsonMatch) {
+      return { verdict: "uncertain", reason: "Could not parse AI response", ruleBasedOnly: false };
+    }
+    const parsed = JSON.parse(jsonMatch[0]) as { verdict?: string; reason?: string };
+    if (parsed.verdict === "safe" || parsed.verdict === "dangerous" || parsed.verdict === "uncertain") {
+      return {
+        verdict: parsed.verdict,
+        reason: typeof parsed.reason === "string" ? parsed.reason : "No reason provided",
+        ruleBasedOnly: false,
+      };
+    }
+    return { verdict: "uncertain", reason: "Invalid AI verdict value", ruleBasedOnly: false };
+  } catch {
+    return { verdict: "uncertain", reason: "Failed to parse AI response JSON", ruleBasedOnly: false };
+  }
+}
+/**
+ * Main entry point: validate a permission request using rule-based filter first,
+ * then AI if needed.
+ */
+export async function validatePermission(
+  toolName: string,
+  input: Record<string, unknown>,
+  description?: string,
+): Promise<AiValidationResult> {
+  // Step 1: Try rule-based filter (instant, no API call)
+  const ruleResult = ruleBasedFilter(toolName, input);
+  if (ruleResult) {
+    return ruleResult;
+  }
+  // Step 2: Call AI for evaluation
+  return aiEvaluate(toolName, input, description);
+}

package/server/anthropic-provider-migration.ts ADDED Viewed

@@ -0,0 +1,48 @@
+// Anthropic API Key Provider Migration
+// One-time migration: moves the legacy anthropicApiKey from settings.json
+// into the provider system (providers.json) under the "anthropic" provider.
+// This runs on server startup to handle the transition from legacy settings
+// to the unified provider management system.
+import { getSettings, updateSettings } from "./settings-manager.js";
+import { getProviderConfig, upsertProviderConfig } from "./provider-manager.js";
+/** Migrate legacy Anthropic API key from settings to the provider system.
+ *  This is a one-time operation: once the key is moved, the legacy field is cleared. */
+export function migrateAnthropicApiKeyToProvider(): void {
+  const settings = getSettings();
+  // Nothing to migrate if no legacy key
+  const legacyKey = settings.anthropicApiKey?.trim();
+  if (!legacyKey) return;
+  // Check if anthropic provider already has a key configured
+  const existing = getProviderConfig("anthropic");
+  if (existing && existing.envValues.ANTHROPIC_API_KEY?.trim()) {
+    // Provider already configured — just clear the legacy field
+    console.log(
+      "[anthropic-migration] Provider already configured, clearing legacy settings field.",
+    );
+    updateSettings({ anthropicApiKey: "" });
+    return;
+  }
+  // Migrate key into provider system
+  const model = settings.anthropicModel?.trim() || "";
+  upsertProviderConfig("anthropic", {
+    enabled: true,
+    envValues: { ANTHROPIC_API_KEY: legacyKey },
+    ...(model ? { customModel: model } : {}),
+  });
+  // Also set as internalAiProvider if not already set
+  if (!settings.internalAiProvider?.trim()) {
+    updateSettings({ anthropicApiKey: "", internalAiProvider: "anthropic" });
+  } else {
+    updateSettings({ anthropicApiKey: "" });
+  }
+  console.log(
+    "[anthropic-migration] Migrated legacy Anthropic API key to provider system.",
+  );
+}

package/server/assistant-store.ts ADDED Viewed

@@ -0,0 +1,272 @@
+// ─── Assistant Store ──────────────────────────────────────────────────────────
+// Persistent storage for personal assistant features: todos, notes, reminders.
+// All data stored as JSON in ~/.heyhank/assistant/
+import { readFileSync, writeFileSync, mkdirSync, existsSync } from "node:fs";
+import { join } from "node:path";
+import { HEYHANK_HOME } from "./paths.js";
+const ASSISTANT_DIR = join(HEYHANK_HOME, "assistant");
+function ensureDir(): void {
+  if (!existsSync(ASSISTANT_DIR)) {
+    mkdirSync(ASSISTANT_DIR, { recursive: true });
+  }
+}
+function readJson<T>(filename: string, fallback: T): T {
+  ensureDir();
+  const path = join(ASSISTANT_DIR, filename);
+  try {
+    if (existsSync(path)) {
+      return JSON.parse(readFileSync(path, "utf-8")) as T;
+    }
+  } catch {}
+  return fallback;
+}
+function writeJson(filename: string, data: unknown): void {
+  ensureDir();
+  writeFileSync(join(ASSISTANT_DIR, filename), JSON.stringify(data, null, 2), "utf-8");
+}
+// ─── Todos ────────────────────────────────────────────────────────────────────
+export interface Todo {
+  id: string;
+  text: string;
+  priority: "high" | "medium" | "low";
+  done: boolean;
+  createdAt: string;
+  doneAt?: string;
+  category?: string;
+}
+function genId(): string {
+  return Date.now().toString(36) + Math.random().toString(36).slice(2, 6);
+}
+export function listTodos(filter?: { done?: boolean; priority?: string; category?: string }): Todo[] {
+  const todos = readJson<Todo[]>("todos.json", []);
+  return todos.filter((t) => {
+    if (filter?.done !== undefined && t.done !== filter.done) return false;
+    if (filter?.priority && t.priority !== filter.priority) return false;
+    if (filter?.category && t.category !== filter.category) return false;
+    return true;
+  });
+}
+export function addTodo(text: string, priority: string = "medium", category?: string): Todo {
+  const todos = readJson<Todo[]>("todos.json", []);
+  const todo: Todo = {
+    id: genId(),
+    text,
+    priority: (["high", "medium", "low"].includes(priority) ? priority : "medium") as Todo["priority"],
+    done: false,
+    createdAt: new Date().toISOString(),
+    category,
+  };
+  todos.push(todo);
+  writeJson("todos.json", todos);
+  return todo;
+}
+export function completeTodo(id: string): Todo | null {
+  const todos = readJson<Todo[]>("todos.json", []);
+  const todo = todos.find((t) => t.id === id);
+  if (!todo) return null;
+  todo.done = true;
+  todo.doneAt = new Date().toISOString();
+  writeJson("todos.json", todos);
+  return todo;
+}
+export function deleteTodo(id: string): boolean {
+  const todos = readJson<Todo[]>("todos.json", []);
+  const idx = todos.findIndex((t) => t.id === id);
+  if (idx === -1) return false;
+  todos.splice(idx, 1);
+  writeJson("todos.json", todos);
+  return true;
+}
+export function updateTodo(id: string, patch: { text?: string; priority?: string; category?: string }): Todo | null {
+  const todos = readJson<Todo[]>("todos.json", []);
+  const todo = todos.find((t) => t.id === id);
+  if (!todo) return null;
+  if (patch.text) todo.text = patch.text;
+  if (patch.priority && ["high", "medium", "low"].includes(patch.priority)) {
+    todo.priority = patch.priority as Todo["priority"];
+  }
+  if (patch.category !== undefined) todo.category = patch.category;
+  writeJson("todos.json", todos);
+  return todo;
+}
+// ─── Notes ────────────────────────────────────────────────────────────────────
+export interface Note {
+  id: string;
+  title: string;
+  content: string;
+  tags: string[];
+  createdAt: string;
+  updatedAt: string;
+}
+export function listNotes(search?: string): Note[] {
+  const notes = readJson<Note[]>("notes.json", []);
+  if (!search) return notes;
+  const q = search.toLowerCase();
+  return notes.filter((n) =>
+    n.title.toLowerCase().includes(q) ||
+    n.content.toLowerCase().includes(q) ||
+    n.tags.some((t) => t.toLowerCase().includes(q))
+  );
+}
+export function addNote(title: string, content: string, tags: string[] = []): Note {
+  const notes = readJson<Note[]>("notes.json", []);
+  const note: Note = {
+    id: genId(),
+    title,
+    content,
+    tags,
+    createdAt: new Date().toISOString(),
+    updatedAt: new Date().toISOString(),
+  };
+  notes.push(note);
+  writeJson("notes.json", notes);
+  return note;
+}
+export function getNote(id: string): Note | null {
+  const notes = readJson<Note[]>("notes.json", []);
+  return notes.find((n) => n.id === id) || null;
+}
+export function updateNote(id: string, patch: { title?: string; content?: string; tags?: string[] }): Note | null {
+  const notes = readJson<Note[]>("notes.json", []);
+  const note = notes.find((n) => n.id === id);
+  if (!note) return null;
+  if (patch.title) note.title = patch.title;
+  if (patch.content) note.content = patch.content;
+  if (patch.tags) note.tags = patch.tags;
+  note.updatedAt = new Date().toISOString();
+  writeJson("notes.json", notes);
+  return note;
+}
+export function deleteNote(id: string): boolean {
+  const notes = readJson<Note[]>("notes.json", []);
+  const idx = notes.findIndex((n) => n.id === id);
+  if (idx === -1) return false;
+  notes.splice(idx, 1);
+  writeJson("notes.json", notes);
+  return true;
+}
+// ─── Reminders ────────────────────────────────────────────────────────────────
+export interface Reminder {
+  id: string;
+  text: string;
+  triggerAt: string; // ISO datetime
+  fired: boolean;
+  createdAt: string;
+}
+export function listReminders(includeFired = false): Reminder[] {
+  const reminders = readJson<Reminder[]>("reminders.json", []);
+  return includeFired ? reminders : reminders.filter((r) => !r.fired);
+}
+export function addReminder(text: string, triggerAt: string): Reminder {
+  const reminders = readJson<Reminder[]>("reminders.json", []);
+  const reminder: Reminder = {
+    id: genId(),
+    text,
+    triggerAt,
+    fired: false,
+    createdAt: new Date().toISOString(),
+  };
+  reminders.push(reminder);
+  writeJson("reminders.json", reminders);
+  return reminder;
+}
+export function fireReminder(id: string): Reminder | null {
+  const reminders = readJson<Reminder[]>("reminders.json", []);
+  const r = reminders.find((rem) => rem.id === id);
+  if (!r) return null;
+  r.fired = true;
+  writeJson("reminders.json", reminders);
+  return r;
+}
+export function deleteReminder(id: string): boolean {
+  const reminders = readJson<Reminder[]>("reminders.json", []);
+  const idx = reminders.findIndex((r) => r.id === id);
+  if (idx === -1) return false;
+  reminders.splice(idx, 1);
+  writeJson("reminders.json", reminders);
+  return true;
+}
+/** Get all reminders that should have fired by now */
+export function getDueReminders(): Reminder[] {
+  const now = new Date().toISOString();
+  const reminders = readJson<Reminder[]>("reminders.json", []);
+  return reminders.filter((r) => !r.fired && r.triggerAt <= now);
+}
+// ─── Gemini Conversations ──────��─────────────────────────────────────────────
+export interface GeminiConversation {
+  id: string;
+  title: string;
+  messages: Array<{ role: "user" | "gemini" | "system"; text: string; ts: number }>;
+  createdAt: string;
+  duration?: number; // seconds
+}
+export function listGeminiConversations(): GeminiConversation[] {
+  return readJson<GeminiConversation[]>("gemini-conversations.json", [])
+    .sort((a, b) => new Date(b.createdAt).getTime() - new Date(a.createdAt).getTime());
+}
+export function saveGeminiConversation(
+  messages: Array<{ role: "user" | "gemini" | "system"; text: string; ts: number }>,
+  duration?: number,
+): GeminiConversation {
+  const convos = readJson<GeminiConversation[]>("gemini-conversations.json", []);
+  // Generate title from first user message
+  const firstUser = messages.find((m) => m.role === "user");
+  const title = firstUser ? firstUser.text.slice(0, 80) : "Gemini conversation";
+  const convo: GeminiConversation = {
+    id: genId(),
+    title,
+    messages: messages.filter((m) => m.role !== "system"),
+    createdAt: new Date().toISOString(),
+    duration,
+  };
+  convos.push(convo);
+  // Keep last 100 conversations
+  if (convos.length > 100) convos.splice(0, convos.length - 100);
+  writeJson("gemini-conversations.json", convos);
+  return convo;
+}
+export function getGeminiConversation(id: string): GeminiConversation | null {
+  const convos = readJson<GeminiConversation[]>("gemini-conversations.json", []);
+  return convos.find((c) => c.id === id) || null;
+}
+export function deleteGeminiConversation(id: string): boolean {
+  const convos = readJson<GeminiConversation[]>("gemini-conversations.json", []);
+  const idx = convos.findIndex((c) => c.id === id);
+  if (idx === -1) return false;
+  convos.splice(idx, 1);
+  writeJson("gemini-conversations.json", convos);
+  return true;
+}