heyiam 0.3.0 → 0.3.2

package/dist/routes/publish.js

@@ -1,14 +1,20 @@
 import { Router } from 'express';
-import { readFileSync } from 'node:fs';
+import { readFileSync, mkdtempSync, rmSync, statSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import path from 'node:path';
 import { randomUUID } from 'node:crypto';
 import { getAuthToken } from '../auth.js';
 import { API_URL, PUBLIC_URL, warnIfNonDefaultApiUrl } from '../config.js';
-import { loadEnhancedData, saveEnhancedData, saveUploadedState, getDefaultTemplate } from '../settings.js';
+import { loadEnhancedData, saveEnhancedData, saveUploadedState, getDefaultTemplate, getPortfolioProfile, hashPortfolioProfile, updatePortfolioPublishTarget, getPortfolioPublishState, isTranscriptIncluded, DEFAULT_PORTFOLIO_TARGET, } from '../settings.js';
+import { generatePortfolioHtmlFragment, generateProjectHtmlFragment, generatePortfolioSite, createZipBuffer } from '../export.js';
+import { buildPortfolioRenderData } from './portfolio-render-data.js';
+import { buildProjectDetail } from './context.js';
 import { captureScreenshot } from '../screenshot.js';
 import { redactSession, redactText, scanTextSync, formatFindings, stripHomePathsInText } from '../redact.js';
 import { renderProjectHtml, renderSessionHtml } from '../render/index.js';
 import { buildSessionRenderData, buildSessionCard, buildProjectRenderData } from '../render/build-render-data.js';
 import { buildAgentSummary } from './context.js';
+import { invalidatePortfolioPreviewCache } from './preview.js';
 import { startSSE } from './sse.js';
 import { displayNameFromDir } from '../sync.js';
 import { toSlug } from '../format-utils.js';
@@ -58,6 +64,8 @@ export function createPublishRouter(ctx) {
             }
             const imageData = readFileSync(screenshotPath);
             const base64 = imageData.toString('base64');
+            // Portfolio listing shows project screenshots — bust the cache.
+            invalidatePortfolioPreviewCache();
             res.json({ ok: true, preview: `data:image/png;base64,${base64}` });
         }
         catch (err) {
@@ -214,6 +222,7 @@ export function createPublishRouter(ctx) {
                         const session = await ctx.loadSession(meta.path, proj.name, sessionId);
                         const enhanced = loadEnhancedData(sessionId);
                         const sessionSlug = toSlug(enhanced?.title ?? session.title ?? sessionId, 80);
+                        const includeTranscript = isTranscriptIncluded(sessionId);
                         const agentSummary = await buildAgentSummary(meta.children ?? [], (c) => ctx.getSessionStats(c, proj.name), { deduplicate: true });
                         const devTake = (enhanced?.developerTake ?? session.developerTake ?? '').slice(0, 2000);
                         const sessionNarrative = enhanced?.narrative ?? '';
@@ -271,6 +280,22 @@ export function createPublishRouter(ctx) {
                                 rendered_html: sessionRenderedHtml,
                             },
                         };
+                        // Transcript-derived fields. When the user has toggled the
+                        // transcript OFF for this session we omit them from the
+                        // uploaded JSON entirely — see the spread below. The
+                        // session's main payload (dev take, skills, Q&A, etc.) is
+                        // unaffected.
+                        const turnTimeline = (session.turnTimeline ?? []).map((t) => ({
+                            timestamp: t.timestamp,
+                            type: t.type,
+                            content: (t.content ?? '').slice(0, 200),
+                            tools: t.tools ?? [],
+                        }));
+                        const transcriptExcerpt = (session.rawLog ?? []).slice(0, 10).map((line, i) => {
+                            const role = line.startsWith('> ') ? 'dev' : 'ai';
+                            const text = role === 'dev' ? line.slice(2) : line;
+                            return { role, id: `Turn ${i + 1}`, text, timestamp: null };
+                        });
                         const sessionData = {
                             version: 1,
                             id: sessionId,
@@ -308,17 +333,8 @@ export function createPublishRouter(ctx) {
                             highlights: [],
                             tool_breakdown: (session.toolBreakdown ?? []).map((t) => ({ tool: t.tool, count: t.count })),
                             top_files: (session.filesChanged ?? []).slice(0, 20).map((f) => (typeof f === 'string' ? { path: f, additions: 0, deletions: 0 } : f)),
-                            turn_timeline: (session.turnTimeline ?? []).map((t) => ({
-                                timestamp: t.timestamp,
-                                type: t.type,
-                                content: (t.content ?? '').slice(0, 200),
-                                tools: t.tools ?? [],
-                            })),
-                            transcript_excerpt: (session.rawLog ?? []).slice(0, 10).map((line, i) => {
-                                const role = line.startsWith('> ') ? 'dev' : 'ai';
-                                const text = role === 'dev' ? line.slice(2) : line;
-                                return { role, id: `Turn ${i + 1}`, text, timestamp: null };
-                            }),
+                            ...(includeTranscript ? { turn_timeline: turnTimeline } : {}),
+                            ...(includeTranscript ? { transcript_excerpt: transcriptExcerpt } : {}),
                             agent_summary: agentSummary,
                             children: agentSummary?.agents?.map((a) => ({
                                 sessionId: a.role,
@@ -347,7 +363,12 @@ export function createPublishRouter(ctx) {
                             uploadedCount++;
                             try {
                                 const sesData = await sessionRes.json();
-                                if (sesData.upload_urls) {
+                                if (sesData.upload_urls && includeTranscript) {
+                                    // Transcript-bearing S3 uploads. Skipped entirely when
+                                    // the user has toggled the transcript OFF for this
+                                    // session — the server never sees raw_log, turn
+                                    // timeline, or the bundled session-data JSON in that
+                                    // case.
                                     const { raw: rawUrl, log: logUrl } = sesData.upload_urls;
                                     if (rawUrl && meta.path && !meta.path.startsWith('cursor://')) {
                                         try {
@@ -423,7 +444,14 @@ export function createPublishRouter(ctx) {
                     const screenshotUrl = uploadedImageKey
                         ? `${PUBLIC_URL}/_img/${uploadedImageKey.replace(IMAGE_KEY_PREFIX, '')}`
                         : undefined;
-                    const projectHtml = generateProjectHtmlFragment(String(project), enrichedCache, detail.sessions, auth.username, { totalFilesChanged: totalFiles, title, screenshotUrl });
+                    const detailProj = detail.project;
+                    const projectHtml = generateProjectHtmlFragment(String(project), enrichedCache, detail.sessions, auth.username, {
+                        totalFilesChanged: totalFiles,
+                        title,
+                        screenshotUrl,
+                        totalInputTokens: detailProj.totalInputTokens,
+                        totalOutputTokens: detailProj.totalOutputTokens,
+                    });
                     const renderRes = await fetch(`${API_URL}/api/projects`, {
                         method: 'POST',
                         headers: {
@@ -490,5 +518,268 @@ export function createPublishRouter(ctx) {
             res.end();
         }
     });
+    // Read the current portfolio publish state (per-target snapshots, hashes,
+    // last errors, visibility). Authenticated via the same Bearer pattern as
+    // the upload route — the state file lives in the user's local config dir
+    // but it still references the signed-in identity, so don't leak it to
+    // unauthenticated callers.
+    router.get('/api/portfolio/state', async (_req, res) => {
+        const auth = getAuthToken();
+        if (!auth) {
+            res.status(401).json({
+                error: { code: 'UNAUTHENTICATED', message: 'Authentication required' },
+            });
+            return;
+        }
+        try {
+            const state = getPortfolioPublishState();
+            res.json(state);
+        }
+        catch (err) {
+            const message = err.message;
+            console.error('[portfolio-state] Error:', message);
+            res.status(500).json({
+                error: { code: 'PORTFOLIO_STATE_READ_FAILED', message },
+            });
+        }
+    });
+    // Publish portfolio landing page to heyi.am
+    // Renders the portfolio HTML fragment locally, POSTs it to Phoenix,
+    // and persists the published snapshot + hash to settings on success.
+    router.post('/api/portfolio/upload', async (req, res) => {
+        const auth = getAuthToken();
+        warnIfNonDefaultApiUrl();
+        if (!auth) {
+            res.status(401).json({
+                error: { code: 'UNAUTHENTICATED', message: 'Authentication required' },
+            });
+            return;
+        }
+        try {
+            const profile = getPortfolioProfile();
+            const templateName = getDefaultTemplate() || 'editorial';
+            const { renderData, filteredProjects } = await buildPortfolioRenderData(ctx, auth);
+            const renderedHtml = generatePortfolioHtmlFragment(renderData, templateName);
+            // Upload individual project pages for every project included in the
+            // portfolio. This ensures project detail pages exist on heyi.am even
+            // if the user never published them individually.
+            for (const rawProj of filteredProjects) {
+                try {
+                    const detail = buildProjectDetail(ctx.db, rawProj);
+                    const proj = detail.project;
+                    const cache = detail.enhanceCache
+                        ?? { fingerprint: 'portfolio-upload', enhancedAt: new Date().toISOString(), selectedSessionIds: detail.sessions.map((s) => s.id), result: { narrative: '', arc: [], skills: [], timeline: [], questions: [] } };
+                    const title = cache.title
+                        || proj.name || displayNameFromDir(rawProj.dirName);
+                    const slug = toSlug(title);
+                    const clientProjectId = getProjectUuid(ctx.db, rawProj.dirName);
+                    const projectHtml = generateProjectHtmlFragment(rawProj.dirName, cache, detail.sessions, auth.username, {
+                        totalFilesChanged: proj.totalFiles,
+                        totalAgentDurationMinutes: proj.totalAgentDuration,
+                        totalInputTokens: proj.totalInputTokens,
+                        totalOutputTokens: proj.totalOutputTokens,
+                    });
+                    await fetch(`${API_URL}/api/projects`, {
+                        method: 'POST',
+                        headers: {
+                            'Content-Type': 'application/json',
+                            Authorization: `Bearer ${auth.token}`,
+                        },
+                        body: JSON.stringify({
+                            project: {
+                                client_project_id: clientProjectId,
+                                title, slug,
+                                narrative: cache.result?.narrative ?? '',
+                                skills: cache.result?.skills ?? [],
+                                total_sessions: proj.sessionCount,
+                                total_loc: proj.totalLoc,
+                                total_duration_minutes: proj.totalDuration,
+                                total_agent_duration_minutes: proj.totalAgentDuration || null,
+                                total_files_changed: proj.totalFiles,
+                                total_input_tokens: proj.totalInputTokens,
+                                total_output_tokens: proj.totalOutputTokens,
+                                rendered_html: projectHtml,
+                            },
+                        }),
+                    });
+                }
+                catch (projErr) {
+                    console.warn(`[portfolio-upload] skipping project ${rawProj.dirName}:`, projErr.message);
+                }
+            }
+            // POST portfolio landing page to Phoenix.
+            // Phoenix sanitizes the HTML, persists to users.rendered_portfolio_html,
+            // and applies the optional profile snapshot via Accounts.update_user_profile.
+            const phoenixRes = await fetch(`${API_URL}/api/portfolio/upload`, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    Authorization: `Bearer ${auth.token}`,
+                },
+                body: JSON.stringify({
+                    html: renderedHtml,
+                    profile,
+                }),
+            });
+            if (!phoenixRes.ok) {
+                const errBody = await phoenixRes.json().catch(() => null);
+                const rawErr = errBody && typeof errBody === 'object'
+                    ? errBody.error
+                    : null;
+                const errMsg = typeof rawErr === 'string'
+                    ? rawErr
+                    : (rawErr && typeof rawErr === 'object' && 'message' in rawErr)
+                        ? rawErr.message
+                        : `HTTP ${phoenixRes.status}`;
+                updatePortfolioPublishTarget(DEFAULT_PORTFOLIO_TARGET, {
+                    lastError: errMsg,
+                    lastErrorAt: new Date().toISOString(),
+                });
+                res.status(phoenixRes.status >= 500 ? 502 : phoenixRes.status).json({
+                    error: { code: 'PORTFOLIO_UPLOAD_FAILED', message: errMsg },
+                });
+                return;
+            }
+            const okBody = await phoenixRes.json().catch(() => ({}));
+            const publishedUrl = okBody.username ? `${PUBLIC_URL}/${okBody.username}` : undefined;
+            const publishedAt = new Date().toISOString();
+            const hash = hashPortfolioProfile(profile);
+            updatePortfolioPublishTarget(DEFAULT_PORTFOLIO_TARGET, {
+                lastPublishedAt: publishedAt,
+                lastPublishedProfileHash: hash,
+                lastPublishedProfile: profile,
+                config: {},
+                url: publishedUrl,
+                lastError: undefined,
+                lastErrorAt: undefined,
+            });
+            // Published version of the portfolio just changed — drop any cached
+            // /preview/portfolio HTML so the next preview reflects reality.
+            invalidatePortfolioPreviewCache();
+            res.json({
+                ok: true,
+                url: publishedUrl ?? `${PUBLIC_URL}/${auth.username}`,
+                publishedAt,
+                hash,
+            });
+        }
+        catch (err) {
+            const errMsg = err.message;
+            console.error('[portfolio-upload] Error:', errMsg);
+            try {
+                updatePortfolioPublishTarget(DEFAULT_PORTFOLIO_TARGET, {
+                    lastError: errMsg,
+                    lastErrorAt: new Date().toISOString(),
+                });
+            }
+            catch { /* don't mask the original error */ }
+            res.status(500).json({
+                error: { code: 'PORTFOLIO_UPLOAD_FAILED', message: errMsg },
+            });
+        }
+    });
+    // Export the portfolio as a downloadable .zip file.
+    //
+    // No path arg from the client. We render the portfolio site into a temp
+    // directory, zip it via createZipBuffer, stream the zip back as an
+    // attachment, then clean up the temp dir. Mirrors the existing
+    // single-project HTML download pattern (cli/src/routes/export.ts).
+    router.post('/api/portfolio/export', async (_req, res) => {
+        const auth = getAuthToken();
+        if (!auth) {
+            res.status(401).json({
+                error: { code: 'UNAUTHENTICATED', message: 'Authentication required' },
+            });
+            return;
+        }
+        let tmpDir = null;
+        try {
+            const templateName = getDefaultTemplate() || 'editorial';
+            const { renderData } = await buildPortfolioRenderData(ctx, auth);
+            // Build per-project inputs for generatePortfolioSite. Each project
+            // needs its full session list + enhance cache — use the same
+            // buildProjectDetail path the single-project HTML export uses so
+            // there's exactly one "load everything about a project" helper.
+            const rawProjects = await ctx.getProjects();
+            const projectInputs = [];
+            for (const rawProj of rawProjects) {
+                try {
+                    const detail = buildProjectDetail(ctx.db, rawProj);
+                    const cache = detail.enhanceCache ?? {
+                        fingerprint: 'export',
+                        enhancedAt: new Date().toISOString(),
+                        selectedSessionIds: detail.sessions.map((s) => s.id),
+                        result: {
+                            narrative: '',
+                            arc: [],
+                            skills: [],
+                            timeline: [],
+                            questions: [],
+                        },
+                    };
+                    const proj = detail.project;
+                    projectInputs.push({
+                        dirName: rawProj.dirName,
+                        cache,
+                        sessions: detail.sessions,
+                        opts: {
+                            totalFilesChanged: proj.totalFiles,
+                            totalAgentDurationMinutes: proj.totalAgentDuration,
+                            totalInputTokens: proj.totalInputTokens,
+                            totalOutputTokens: proj.totalOutputTokens,
+                        },
+                    });
+                }
+                catch (projErr) {
+                    console.warn(`[portfolio-export] skipping project ${rawProj.dirName}:`, projErr.message);
+                }
+            }
+            tmpDir = mkdtempSync(path.join(tmpdir(), 'heyiam-portfolio-'));
+            const result = await generatePortfolioSite(renderData, projectInputs, tmpDir, templateName);
+            // Read every file generated into memory keyed by its path relative
+            // to the temp dir, then zip. Skip non-files defensively (the result
+            // list is files-only, but stat lets us catch directories that snuck
+            // in via a future code path).
+            const entries = [];
+            for (const filePath of result.files) {
+                try {
+                    if (!statSync(filePath).isFile())
+                        continue;
+                    entries.push({
+                        path: path.relative(tmpDir, filePath),
+                        content: readFileSync(filePath, 'utf-8'),
+                    });
+                }
+                catch (readErr) {
+                    console.warn(`[portfolio-export] skipping unreadable file ${filePath}:`, readErr.message);
+                }
+            }
+            const zipBuffer = createZipBuffer(entries);
+            const datestamp = new Date().toISOString().slice(0, 10);
+            const safeUsername = auth.username.replace(/[^a-zA-Z0-9_-]/g, '_');
+            const filename = `portfolio-${safeUsername}-${datestamp}.zip`;
+            res.setHeader('Content-Type', 'application/zip');
+            res.setHeader('Content-Disposition', `attachment; filename="${filename}"`);
+            res.setHeader('Content-Length', zipBuffer.length);
+            res.send(zipBuffer);
+        }
+        catch (err) {
+            const errMsg = err.message;
+            console.error('[portfolio-export] Error:', errMsg);
+            if (!res.headersSent) {
+                res.status(500).json({
+                    error: { code: 'PORTFOLIO_EXPORT_FAILED', message: errMsg },
+                });
+            }
+        }
+        finally {
+            if (tmpDir) {
+                try {
+                    rmSync(tmpDir, { recursive: true, force: true });
+                }
+                catch { /* best effort */ }
+            }
+        }
+    });
     return router;
 }

package/dist/routes/settings.js

@@ -1,7 +1,11 @@
 import { Router } from 'express';
-import { saveAnthropicApiKey, clearAnthropicApiKey, getAnthropicApiKey, getSettings, setDefaultTemplate, getPortfolioProfile, savePortfolioProfile } from '../settings.js';
+import { existsSync } from 'node:fs';
+import { saveAnthropicApiKey, clearAnthropicApiKey, getAnthropicApiKey, getSettings, setDefaultTemplate, getPortfolioProfile, savePortfolioProfile, isTranscriptIncluded, setTranscriptIncluded } from '../settings.js';
+import { invalidatePortfolioPreviewCache } from './preview.js';
 import { hasApiKey } from '../llm/index.js';
 import { isValidTemplate, DEFAULT_TEMPLATE, BUILT_IN_TEMPLATES } from '../render/templates.js';
+import { getDbPath } from '../db.js';
+import { getDaemonBinaryPath } from '../daemon-install.js';
 export function createSettingsRouter(_ctx) {
     const router = Router();
     // Save or clear the Anthropic API key
@@ -52,9 +56,42 @@ export function createSettingsRouter(_ctx) {
             return;
         }
         setDefaultTemplate(template);
+        invalidatePortfolioPreviewCache();
         console.log(`[settings] Portfolio theme set to: ${template}`);
         res.json({ ok: true, template });
     });
+    // ── Per-session transcript toggle (publish-time, CLI-only) ───
+    //
+    // GET /api/sessions/:sessionId/transcript-setting — returns whether the
+    // session transcript will be included in the next publish. Defaults to
+    // true.
+    //
+    // PUT /api/sessions/:sessionId/transcript-setting { included: boolean }
+    // — flips the flag. When `false`, publish.ts skips all S3 transcript
+    // uploads and strips transcript-derived fields from the uploaded
+    // session JSON.
+    router.get('/api/sessions/:sessionId/transcript-setting', (req, res) => {
+        const sessionId = typeof req.params.sessionId === 'string' ? req.params.sessionId.trim() : '';
+        if (!sessionId || sessionId.length > 200) {
+            res.status(400).json({ error: { code: 'INVALID_PARAM', message: 'sessionId is required' } });
+            return;
+        }
+        res.json({ sessionId, included: isTranscriptIncluded(sessionId) });
+    });
+    router.put('/api/sessions/:sessionId/transcript-setting', (req, res) => {
+        const sessionId = typeof req.params.sessionId === 'string' ? req.params.sessionId.trim() : '';
+        if (!sessionId || sessionId.length > 200) {
+            res.status(400).json({ error: { code: 'INVALID_PARAM', message: 'sessionId is required' } });
+            return;
+        }
+        const body = req.body;
+        if (typeof body?.included !== 'boolean') {
+            res.status(400).json({ error: { code: 'INVALID_BODY', message: 'included must be a boolean' } });
+            return;
+        }
+        setTranscriptIncluded(sessionId, body.included);
+        res.json({ ok: true, sessionId, included: body.included });
+    });
     // Get portfolio profile data
     router.get('/api/portfolio', (_req, res) => {
         res.json(getPortfolioProfile());
@@ -69,7 +106,7 @@ export function createSettingsRouter(_ctx) {
         const ALLOWED_FIELDS = [
             'displayName', 'bio', 'photoBase64', 'location', 'email', 'phone',
             'linkedinUrl', 'githubUrl', 'twitterHandle', 'websiteUrl',
-            'resumeBase64', 'resumeFilename',
+            'resumeBase64', 'resumeFilename', 'accent',
         ];
         const errors = [];
         // Structural validation: only allow known string fields
@@ -103,6 +140,9 @@ export function createSettingsRouter(_ctx) {
         if (cleaned.websiteUrl && !cleaned.websiteUrl.startsWith('http')) {
             errors.push({ field: 'websiteUrl', message: 'Website URL must start with http' });
         }
+        if (cleaned.accent && !/^#[0-9a-fA-F]{6}$/.test(cleaned.accent)) {
+            errors.push({ field: 'accent', message: 'Accent must be a 6-digit hex color (e.g. #084471)' });
+        }
         // File size limits (base64 ~1.37x raw; cap photo at ~5MB, resume at ~10MB)
         if (cleaned.photoBase64 && cleaned.photoBase64.length > 7_000_000) {
             errors.push({ field: 'photoBase64', message: 'Photo must be under 5MB' });
@@ -110,13 +150,73 @@ export function createSettingsRouter(_ctx) {
         if (cleaned.resumeBase64 && cleaned.resumeBase64.length > 14_000_000) {
             errors.push({ field: 'resumeBase64', message: 'Resume must be under 10MB' });
         }
+        // projectsOnPortfolio: array of {projectId, included, order}. Validated
+        // structurally; unknown entries are dropped silently. Empty array allowed
+        // (means "default ordering, include everything" at render time).
+        if (body.projectsOnPortfolio !== undefined) {
+            if (!Array.isArray(body.projectsOnPortfolio)) {
+                errors.push({ field: 'projectsOnPortfolio', message: 'projectsOnPortfolio must be an array' });
+            }
+            else {
+                const cleanedProjects = [];
+                for (let i = 0; i < body.projectsOnPortfolio.length; i++) {
+                    const raw = body.projectsOnPortfolio[i];
+                    if (!raw || typeof raw !== 'object') {
+                        errors.push({ field: `projectsOnPortfolio[${i}]`, message: 'must be an object' });
+                        continue;
+                    }
+                    if (typeof raw.projectId !== 'string' || raw.projectId.length === 0) {
+                        errors.push({ field: `projectsOnPortfolio[${i}].projectId`, message: 'must be a non-empty string' });
+                        continue;
+                    }
+                    if (typeof raw.included !== 'boolean') {
+                        errors.push({ field: `projectsOnPortfolio[${i}].included`, message: 'must be a boolean' });
+                        continue;
+                    }
+                    if (typeof raw.order !== 'number' || !Number.isFinite(raw.order)) {
+                        errors.push({ field: `projectsOnPortfolio[${i}].order`, message: 'must be a finite number' });
+                        continue;
+                    }
+                    cleanedProjects.push({
+                        projectId: raw.projectId,
+                        included: raw.included,
+                        order: raw.order,
+                    });
+                }
+                cleaned.projectsOnPortfolio = cleanedProjects;
+            }
+        }
         if (errors.length > 0) {
             res.status(400).json({ error: { code: 'VALIDATION_ERROR', message: 'Validation failed', fields: errors } });
             return;
         }
         savePortfolioProfile(cleaned);
+        invalidatePortfolioPreviewCache();
         console.log('[settings] Portfolio profile saved');
         res.json({ ok: true });
     });
+    // Local data summary: read-only diagnostic info displayed in Settings
+    // (DB path, daemon install state). Archive count + last sync are served
+    // by /api/archive/stats so the frontend composes both responses.
+    router.get('/api/local-data', (_req, res) => {
+        try {
+            const dbPath = getDbPath();
+            const daemonBinaryPath = getDaemonBinaryPath();
+            const daemonInstalled = existsSync(daemonBinaryPath);
+            res.json({
+                dbPath,
+                daemon: {
+                    installed: daemonInstalled,
+                    binaryPath: daemonBinaryPath,
+                },
+            });
+        }
+        catch (err) {
+            console.error('[local-data]', err.message);
+            res.status(500).json({
+                error: { code: 'LOCAL_DATA_FAILED', message: 'Failed to read local data summary' },
+            });
+        }
+    });
     return router;
 }

package/dist/search.js

@@ -7,6 +7,12 @@ import { escapeLikeWildcards } from './format-utils.js';
  * e.g. "-Users-test-Dev-myapp" → "Users/test/Dev/myapp"
  */
 export function decodeProjectName(projectDir) {
+    // Windows: "C-Users-ben-Dev-myapp" → "C:/Users/ben/Dev/myapp"
+    const winMatch = projectDir.match(/^([A-Z])-(.+)$/);
+    if (winMatch) {
+        return `${winMatch[1]}:/${winMatch[2].replace(/-/g, "/")}`;
+    }
+    // Unix: "-Users-ben-Dev-myapp" → "Users/ben/Dev/myapp"
     return projectDir.replace(/^-/, '').replace(/-/g, '/');
 }
 function rowToResult(row, snippet, score) {

package/dist/server.js

@@ -7,7 +7,7 @@ import { fileURLToPath } from 'node:url';
 import { homedir } from 'node:os';
 import { getDatabase, closeDatabase } from './db.js';
 import { syncWithTracking, startFileWatcher, startCursorPolling, markSyncPending } from './sync.js';
-import { createRouteContext, createProjectsRouter, createEnhanceRouter, createPublishRouter, createSearchRouter, createSessionsRouter, createArchiveRouter, createAuthRouter, createSettingsRouter, createExportRouter, createPreviewRouter, createDashboardRouter, } from './routes/index.js';
+import { createRouteContext, createProjectsRouter, createEnhanceRouter, createPublishRouter, createDeleteRouter, createSearchRouter, createSessionsRouter, createArchiveRouter, createAuthRouter, createSettingsRouter, createExportRouter, createPreviewRouter, createDashboardRouter, createGithubRouter, } from './routes/index.js';
 const __dirname = path.dirname(fileURLToPath(import.meta.url));
 function getPackageVersion() {
     try {
@@ -97,6 +97,7 @@ export function createApp(sessionsBasePath, dbPath) {
     app.use(createProjectsRouter(ctx));
     app.use(createEnhanceRouter(ctx));
     app.use(createPublishRouter(ctx));
+    app.use(createDeleteRouter(ctx));
     app.use(createSearchRouter(ctx));
     app.use(createSessionsRouter(ctx));
     app.use(createArchiveRouter(ctx));
@@ -105,6 +106,7 @@ export function createApp(sessionsBasePath, dbPath) {
     app.use(createExportRouter(ctx));
     app.use(createPreviewRouter(ctx));
     app.use(createDashboardRouter(ctx));
+    app.use(createGithubRouter(ctx));
     // ── Version endpoint (used by `heyiam open` to detect stale instances) ──
     app.get('/api/version', (_req, res) => {
         res.json({ server: 'heyiam', version: SERVER_VERSION });