meshy-node 0.10.2 → 0.10.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/main.cjs CHANGED
@@ -865,14 +865,14 @@ var require_jwa = __commonJS({
865
865
  "use strict";
866
866
  init_cjs_shims();
867
867
  var Buffer2 = require_safe_buffer().Buffer;
868
- var crypto6 = require("crypto");
868
+ var crypto7 = require("crypto");
869
869
  var formatEcdsa = require_ecdsa_sig_formatter();
870
870
  var util5 = require("util");
871
871
  var MSG_INVALID_ALGORITHM = '"%s" is not a valid algorithm.\n Supported algorithms are:\n "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512" and "none".';
872
872
  var MSG_INVALID_SECRET = "secret must be a string or buffer";
873
873
  var MSG_INVALID_VERIFIER_KEY = "key must be a string or a buffer";
874
874
  var MSG_INVALID_SIGNER_KEY = "key must be a string, a buffer or an object";
875
- var supportsKeyObjects = typeof crypto6.createPublicKey === "function";
875
+ var supportsKeyObjects = typeof crypto7.createPublicKey === "function";
876
876
  if (supportsKeyObjects) {
877
877
  MSG_INVALID_VERIFIER_KEY += " or a KeyObject";
878
878
  MSG_INVALID_SECRET += "or a KeyObject";
@@ -962,17 +962,17 @@ var require_jwa = __commonJS({
962
962
  return function sign(thing, secret) {
963
963
  checkIsSecretKey(secret);
964
964
  thing = normalizeInput(thing);
965
- var hmac = crypto6.createHmac("sha" + bits, secret);
965
+ var hmac = crypto7.createHmac("sha" + bits, secret);
966
966
  var sig = (hmac.update(thing), hmac.digest("base64"));
967
967
  return fromBase64(sig);
968
968
  };
969
969
  }
970
970
  var bufferEqual;
971
- var timingSafeEqual = "timingSafeEqual" in crypto6 ? function timingSafeEqual2(a, b) {
971
+ var timingSafeEqual = "timingSafeEqual" in crypto7 ? function timingSafeEqual2(a, b) {
972
972
  if (a.byteLength !== b.byteLength) {
973
973
  return false;
974
974
  }
975
- return crypto6.timingSafeEqual(a, b);
975
+ return crypto7.timingSafeEqual(a, b);
976
976
  } : function timingSafeEqual2(a, b) {
977
977
  if (!bufferEqual) {
978
978
  bufferEqual = require_buffer_equal_constant_time();
@@ -989,7 +989,7 @@ var require_jwa = __commonJS({
989
989
  return function sign(thing, privateKey) {
990
990
  checkIsPrivateKey(privateKey);
991
991
  thing = normalizeInput(thing);
992
- var signer = crypto6.createSign("RSA-SHA" + bits);
992
+ var signer = crypto7.createSign("RSA-SHA" + bits);
993
993
  var sig = (signer.update(thing), signer.sign(privateKey, "base64"));
994
994
  return fromBase64(sig);
995
995
  };
@@ -999,7 +999,7 @@ var require_jwa = __commonJS({
999
999
  checkIsPublicKey(publicKey);
1000
1000
  thing = normalizeInput(thing);
1001
1001
  signature = toBase64(signature);
1002
- var verifier = crypto6.createVerify("RSA-SHA" + bits);
1002
+ var verifier = crypto7.createVerify("RSA-SHA" + bits);
1003
1003
  verifier.update(thing);
1004
1004
  return verifier.verify(publicKey, signature, "base64");
1005
1005
  };
@@ -1008,11 +1008,11 @@ var require_jwa = __commonJS({
1008
1008
  return function sign(thing, privateKey) {
1009
1009
  checkIsPrivateKey(privateKey);
1010
1010
  thing = normalizeInput(thing);
1011
- var signer = crypto6.createSign("RSA-SHA" + bits);
1011
+ var signer = crypto7.createSign("RSA-SHA" + bits);
1012
1012
  var sig = (signer.update(thing), signer.sign({
1013
1013
  key: privateKey,
1014
- padding: crypto6.constants.RSA_PKCS1_PSS_PADDING,
1015
- saltLength: crypto6.constants.RSA_PSS_SALTLEN_DIGEST
1014
+ padding: crypto7.constants.RSA_PKCS1_PSS_PADDING,
1015
+ saltLength: crypto7.constants.RSA_PSS_SALTLEN_DIGEST
1016
1016
  }, "base64"));
1017
1017
  return fromBase64(sig);
1018
1018
  };
@@ -1022,12 +1022,12 @@ var require_jwa = __commonJS({
1022
1022
  checkIsPublicKey(publicKey);
1023
1023
  thing = normalizeInput(thing);
1024
1024
  signature = toBase64(signature);
1025
- var verifier = crypto6.createVerify("RSA-SHA" + bits);
1025
+ var verifier = crypto7.createVerify("RSA-SHA" + bits);
1026
1026
  verifier.update(thing);
1027
1027
  return verifier.verify({
1028
1028
  key: publicKey,
1029
- padding: crypto6.constants.RSA_PKCS1_PSS_PADDING,
1030
- saltLength: crypto6.constants.RSA_PSS_SALTLEN_DIGEST
1029
+ padding: crypto7.constants.RSA_PKCS1_PSS_PADDING,
1030
+ saltLength: crypto7.constants.RSA_PSS_SALTLEN_DIGEST
1031
1031
  }, signature, "base64");
1032
1032
  };
1033
1033
  }
@@ -1324,7 +1324,7 @@ var require_jws = __commonJS({
1324
1324
  exports2.createSign = function createSign(opts) {
1325
1325
  return new SignStream(opts);
1326
1326
  };
1327
- exports2.createVerify = function createVerify(opts) {
1327
+ exports2.createVerify = function createVerify2(opts) {
1328
1328
  return new VerifyStream(opts);
1329
1329
  };
1330
1330
  }
@@ -3632,7 +3632,7 @@ var require_verify = __commonJS({
3632
3632
  var validateAsymmetricKey = require_validateAsymmetricKey();
3633
3633
  var PS_SUPPORTED = require_psSupported();
3634
3634
  var jws = require_jws();
3635
- var { KeyObject, createSecretKey, createPublicKey } = require("crypto");
3635
+ var { KeyObject, createSecretKey, createPublicKey: createPublicKey2 } = require("crypto");
3636
3636
  var PUB_KEY_ALGS = ["RS256", "RS384", "RS512"];
3637
3637
  var EC_KEY_ALGS = ["ES256", "ES384", "ES512"];
3638
3638
  var RSA_KEY_ALGS = ["RS256", "RS384", "RS512"];
@@ -3716,7 +3716,7 @@ var require_verify = __commonJS({
3716
3716
  }
3717
3717
  if (secretOrPublicKey2 != null && !(secretOrPublicKey2 instanceof KeyObject)) {
3718
3718
  try {
3719
- secretOrPublicKey2 = createPublicKey(secretOrPublicKey2);
3719
+ secretOrPublicKey2 = createPublicKey2(secretOrPublicKey2);
3720
3720
  } catch (_) {
3721
3721
  try {
3722
3722
  secretOrPublicKey2 = createSecretKey(typeof secretOrPublicKey2 === "string" ? Buffer.from(secretOrPublicKey2) : secretOrPublicKey2);
@@ -4155,7 +4155,7 @@ var require_lodash5 = __commonJS({
4155
4155
  function isObjectLike2(value) {
4156
4156
  return !!value && typeof value == "object";
4157
4157
  }
4158
- function isPlainObject6(value) {
4158
+ function isPlainObject7(value) {
4159
4159
  if (!isObjectLike2(value) || objectToString2.call(value) != objectTag2 || isHostObject(value)) {
4160
4160
  return false;
4161
4161
  }
@@ -4166,7 +4166,7 @@ var require_lodash5 = __commonJS({
4166
4166
  var Ctor = hasOwnProperty3.call(proto2, "constructor") && proto2.constructor;
4167
4167
  return typeof Ctor == "function" && Ctor instanceof Ctor && funcToString2.call(Ctor) == objectCtorString2;
4168
4168
  }
4169
- module2.exports = isPlainObject6;
4169
+ module2.exports = isPlainObject7;
4170
4170
  }
4171
4171
  });
4172
4172
 
@@ -4285,7 +4285,7 @@ var require_sign = __commonJS({
4285
4285
  var isBoolean = require_lodash2();
4286
4286
  var isInteger = require_lodash3();
4287
4287
  var isNumber2 = require_lodash4();
4288
- var isPlainObject6 = require_lodash5();
4288
+ var isPlainObject7 = require_lodash5();
4289
4289
  var isString = require_lodash6();
4290
4290
  var once = require_lodash7();
4291
4291
  var { KeyObject, createSecretKey, createPrivateKey: createPrivateKey2 } = require("crypto");
@@ -4304,7 +4304,7 @@ var require_sign = __commonJS({
4304
4304
  return isString(value) || Array.isArray(value);
4305
4305
  }, message: '"audience" must be a string or array' },
4306
4306
  algorithm: { isValid: includes.bind(null, SUPPORTED_ALGS), message: '"algorithm" must be a valid string enum value' },
4307
- header: { isValid: isPlainObject6, message: '"header" must be an object' },
4307
+ header: { isValid: isPlainObject7, message: '"header" must be an object' },
4308
4308
  encoding: { isValid: isString, message: '"encoding" must be a string' },
4309
4309
  issuer: { isValid: isString, message: '"issuer" must be a string' },
4310
4310
  subject: { isValid: isString, message: '"subject" must be a string' },
@@ -4321,7 +4321,7 @@ var require_sign = __commonJS({
4321
4321
  nbf: { isValid: isNumber2, message: '"nbf" should be a number of seconds' }
4322
4322
  };
4323
4323
  function validate(schema, allowUnknown, object3, parameterName) {
4324
- if (!isPlainObject6(object3)) {
4324
+ if (!isPlainObject7(object3)) {
4325
4325
  throw new Error('Expected "' + parameterName + '" to be a plain object.');
4326
4326
  }
4327
4327
  Object.keys(object3).forEach(function(key2) {
@@ -28834,10 +28834,10 @@ var require_object_inspect = __commonJS({
28834
28834
  }
28835
28835
  if (!isDate(obj) && !isRegExp(obj)) {
28836
28836
  var ys = arrObjKeys(obj, inspect3);
28837
- var isPlainObject6 = gPO ? gPO(obj) === Object.prototype : obj instanceof Object || obj.constructor === Object;
28837
+ var isPlainObject7 = gPO ? gPO(obj) === Object.prototype : obj instanceof Object || obj.constructor === Object;
28838
28838
  var protoTag = obj instanceof Object ? "" : "null prototype";
28839
- var stringTag = !isPlainObject6 && toStringTag && Object(obj) === obj && toStringTag in obj ? $slice.call(toStr(obj), 8, -1) : protoTag ? "Object" : "";
28840
- var constructorTag = isPlainObject6 || typeof obj.constructor !== "function" ? "" : obj.constructor.name ? obj.constructor.name + " " : "";
28839
+ var stringTag = !isPlainObject7 && toStringTag && Object(obj) === obj && toStringTag in obj ? $slice.call(toStr(obj), 8, -1) : protoTag ? "Object" : "";
28840
+ var constructorTag = isPlainObject7 || typeof obj.constructor !== "function" ? "" : obj.constructor.name ? obj.constructor.name + " " : "";
28841
28841
  var tag = constructorTag + (stringTag || protoTag ? "[" + $join.call($concat.call([], stringTag || [], protoTag || []), ": ") + "] " : "");
28842
28842
  if (ys.length === 0) {
28843
28843
  return tag + "{}";
@@ -32848,14 +32848,14 @@ var require_etag = __commonJS({
32848
32848
  "use strict";
32849
32849
  init_cjs_shims();
32850
32850
  module2.exports = etag;
32851
- var crypto6 = require("crypto");
32851
+ var crypto7 = require("crypto");
32852
32852
  var Stats = require("fs").Stats;
32853
32853
  var toString3 = Object.prototype.toString;
32854
32854
  function entitytag(entity) {
32855
32855
  if (entity.length === 0) {
32856
32856
  return '"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"';
32857
32857
  }
32858
- var hash = crypto6.createHash("sha1").update(entity, "utf8").digest("base64").substring(0, 27);
32858
+ var hash = crypto7.createHash("sha1").update(entity, "utf8").digest("base64").substring(0, 27);
32859
32859
  var len = typeof entity === "string" ? Buffer.byteLength(entity, "utf8") : entity.length;
32860
32860
  return '"' + len.toString(16) + "-" + hash + '"';
32861
32861
  }
@@ -34626,7 +34626,7 @@ var require_application = __commonJS({
34626
34626
  "use strict";
34627
34627
  init_cjs_shims();
34628
34628
  var finalhandler = require_finalhandler();
34629
- var Router17 = require_router();
34629
+ var Router18 = require_router();
34630
34630
  var methods = require_methods();
34631
34631
  var middleware = require_init();
34632
34632
  var query = require_query();
@@ -34691,7 +34691,7 @@ var require_application = __commonJS({
34691
34691
  };
34692
34692
  app.lazyrouter = function lazyrouter() {
34693
34693
  if (!this._router) {
34694
- this._router = new Router17({
34694
+ this._router = new Router18({
34695
34695
  caseSensitive: this.enabled("case sensitive routing"),
34696
34696
  strict: this.enabled("strict routing")
34697
34697
  });
@@ -35651,11 +35651,11 @@ var require_cookie_signature = __commonJS({
35651
35651
  "../../node_modules/.pnpm/cookie-signature@1.0.7/node_modules/cookie-signature/index.js"(exports2) {
35652
35652
  "use strict";
35653
35653
  init_cjs_shims();
35654
- var crypto6 = require("crypto");
35654
+ var crypto7 = require("crypto");
35655
35655
  exports2.sign = function(val, secret) {
35656
35656
  if ("string" !== typeof val) throw new TypeError("Cookie value must be provided as a string.");
35657
35657
  if (null == secret) throw new TypeError("Secret key must be provided.");
35658
- return val + "." + crypto6.createHmac("sha256", secret).update(val).digest("base64").replace(/\=+$/, "");
35658
+ return val + "." + crypto7.createHmac("sha256", secret).update(val).digest("base64").replace(/\=+$/, "");
35659
35659
  };
35660
35660
  exports2.unsign = function(val, secret) {
35661
35661
  if ("string" !== typeof val) throw new TypeError("Signed cookie string must be provided.");
@@ -35664,7 +35664,7 @@ var require_cookie_signature = __commonJS({
35664
35664
  return sha1(mac) == sha1(val) ? str : false;
35665
35665
  };
35666
35666
  function sha1(str) {
35667
- return crypto6.createHash("sha1").update(str).digest("hex");
35667
+ return crypto7.createHash("sha1").update(str).digest("hex");
35668
35668
  }
35669
35669
  }
35670
35670
  });
@@ -36569,7 +36569,7 @@ var require_express = __commonJS({
36569
36569
  var mixin = require_merge_descriptors();
36570
36570
  var proto2 = require_application();
36571
36571
  var Route = require_route();
36572
- var Router17 = require_router();
36572
+ var Router18 = require_router();
36573
36573
  var req = require_request();
36574
36574
  var res = require_response();
36575
36575
  exports2 = module2.exports = createApplication;
@@ -36592,7 +36592,7 @@ var require_express = __commonJS({
36592
36592
  exports2.request = req;
36593
36593
  exports2.response = res;
36594
36594
  exports2.Route = Route;
36595
- exports2.Router = Router17;
36595
+ exports2.Router = Router18;
36596
36596
  exports2.json = bodyParser.json;
36597
36597
  exports2.query = require_query();
36598
36598
  exports2.raw = bodyParser.raw;
@@ -36722,7 +36722,7 @@ __export(util_exports, {
36722
36722
  captureStackTrace: () => captureStackTrace,
36723
36723
  cleanEnum: () => cleanEnum,
36724
36724
  cleanRegex: () => cleanRegex,
36725
- clone: () => clone2,
36725
+ clone: () => clone3,
36726
36726
  createTransparentProxy: () => createTransparentProxy,
36727
36727
  defineLazy: () => defineLazy,
36728
36728
  esc: () => esc,
@@ -36736,7 +36736,7 @@ __export(util_exports, {
36736
36736
  getParsedType: () => getParsedType2,
36737
36737
  getSizableOrigin: () => getSizableOrigin,
36738
36738
  isObject: () => isObject2,
36739
- isPlainObject: () => isPlainObject2,
36739
+ isPlainObject: () => isPlainObject3,
36740
36740
  issue: () => issue,
36741
36741
  joinValues: () => joinValues,
36742
36742
  jsonStringifyReplacer: () => jsonStringifyReplacer,
@@ -36870,7 +36870,7 @@ function esc(str) {
36870
36870
  function isObject2(data) {
36871
36871
  return typeof data === "object" && data !== null && !Array.isArray(data);
36872
36872
  }
36873
- function isPlainObject2(o) {
36873
+ function isPlainObject3(o) {
36874
36874
  if (isObject2(o) === false)
36875
36875
  return false;
36876
36876
  const ctor = o.constructor;
@@ -36896,7 +36896,7 @@ function numKeys(data) {
36896
36896
  function escapeRegex(str) {
36897
36897
  return str.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
36898
36898
  }
36899
- function clone2(inst, def, params) {
36899
+ function clone3(inst, def, params) {
36900
36900
  const cl = new inst._zod.constr(def ?? inst._zod.def);
36901
36901
  if (!def || params?.parent)
36902
36902
  cl._zod.parent = inst;
@@ -36974,7 +36974,7 @@ function pick(schema, mask) {
36974
36974
  continue;
36975
36975
  newShape[key2] = currDef.shape[key2];
36976
36976
  }
36977
- return clone2(schema, {
36977
+ return clone3(schema, {
36978
36978
  ...schema._zod.def,
36979
36979
  shape: newShape,
36980
36980
  checks: []
@@ -36991,14 +36991,14 @@ function omit(schema, mask) {
36991
36991
  continue;
36992
36992
  delete newShape[key2];
36993
36993
  }
36994
- return clone2(schema, {
36994
+ return clone3(schema, {
36995
36995
  ...schema._zod.def,
36996
36996
  shape: newShape,
36997
36997
  checks: []
36998
36998
  });
36999
36999
  }
37000
37000
  function extend2(schema, shape) {
37001
- if (!isPlainObject2(shape)) {
37001
+ if (!isPlainObject3(shape)) {
37002
37002
  throw new Error("Invalid input to extend: expected a plain object");
37003
37003
  }
37004
37004
  const def = {
@@ -37011,10 +37011,10 @@ function extend2(schema, shape) {
37011
37011
  checks: []
37012
37012
  // delete existing checks
37013
37013
  };
37014
- return clone2(schema, def);
37014
+ return clone3(schema, def);
37015
37015
  }
37016
37016
  function merge(a, b) {
37017
- return clone2(a, {
37017
+ return clone3(a, {
37018
37018
  ...a._zod.def,
37019
37019
  get shape() {
37020
37020
  const _shape = { ...a._zod.def.shape, ...b._zod.def.shape };
@@ -37049,7 +37049,7 @@ function partial(Class2, schema, mask) {
37049
37049
  }) : oldShape[key2];
37050
37050
  }
37051
37051
  }
37052
- return clone2(schema, {
37052
+ return clone3(schema, {
37053
37053
  ...schema._zod.def,
37054
37054
  shape,
37055
37055
  checks: []
@@ -37078,7 +37078,7 @@ function required(Class2, schema, mask) {
37078
37078
  });
37079
37079
  }
37080
37080
  }
37081
- return clone2(schema, {
37081
+ return clone3(schema, {
37082
37082
  ...schema._zod.def,
37083
37083
  shape,
37084
37084
  // optional: [],
@@ -37985,7 +37985,7 @@ function mergeValues2(a, b) {
37985
37985
  if (a instanceof Date && b instanceof Date && +a === +b) {
37986
37986
  return { valid: true, data: a };
37987
37987
  }
37988
- if (isPlainObject2(a) && isPlainObject2(b)) {
37988
+ if (isPlainObject3(a) && isPlainObject3(b)) {
37989
37989
  const bKeys = Object.keys(b);
37990
37990
  const sharedKeys = Object.keys(a).filter((key2) => bKeys.indexOf(key2) !== -1);
37991
37991
  const newObj = { ...a, ...b };
@@ -38840,7 +38840,7 @@ var init_schemas = __esm({
38840
38840
  $ZodType.init(inst, def);
38841
38841
  inst._zod.parse = (payload, ctx) => {
38842
38842
  const input = payload.value;
38843
- if (!isPlainObject2(input)) {
38843
+ if (!isPlainObject3(input)) {
38844
38844
  payload.issues.push({
38845
38845
  expected: "record",
38846
38846
  code: "invalid_type",
@@ -40309,7 +40309,7 @@ var init_schemas3 = __esm({
40309
40309
  // { parent: true }
40310
40310
  );
40311
40311
  };
40312
- inst.clone = (def2, params) => clone2(inst, def2, params);
40312
+ inst.clone = (def2, params) => clone3(inst, def2, params);
40313
40313
  inst.brand = () => inst;
40314
40314
  inst.register = ((reg, meta) => {
40315
40315
  reg.add(inst, meta);
@@ -42760,7 +42760,7 @@ var init_zod_json_schema_compat = __esm({
42760
42760
  });
42761
42761
 
42762
42762
  // ../../node_modules/.pnpm/@modelcontextprotocol+sdk@1.29.0_zod@3.25.76/node_modules/@modelcontextprotocol/sdk/dist/esm/shared/protocol.js
42763
- function isPlainObject3(value) {
42763
+ function isPlainObject4(value) {
42764
42764
  return value !== null && typeof value === "object" && !Array.isArray(value);
42765
42765
  }
42766
42766
  function mergeCapabilities(base, additional) {
@@ -42771,7 +42771,7 @@ function mergeCapabilities(base, additional) {
42771
42771
  if (addValue === void 0)
42772
42772
  continue;
42773
42773
  const baseValue = result[k];
42774
- if (isPlainObject3(baseValue) && isPlainObject3(addValue)) {
42774
+ if (isPlainObject4(baseValue) && isPlainObject4(addValue)) {
42775
42775
  result[k] = { ...baseValue, ...addValue };
42776
42776
  } else {
42777
42777
  result[k] = addValue;
@@ -52212,7 +52212,7 @@ var require_extend = __commonJS({
52212
52212
  }
52213
52213
  return toStr.call(arr) === "[object Array]";
52214
52214
  };
52215
- var isPlainObject6 = function isPlainObject7(obj) {
52215
+ var isPlainObject7 = function isPlainObject8(obj) {
52216
52216
  if (!obj || toStr.call(obj) !== "[object Object]") {
52217
52217
  return false;
52218
52218
  }
@@ -52249,7 +52249,7 @@ var require_extend = __commonJS({
52249
52249
  return obj[name2];
52250
52250
  };
52251
52251
  module2.exports = function extend4() {
52252
- var options, name2, src, copy, copyIsArray, clone4;
52252
+ var options, name2, src, copy, copyIsArray, clone5;
52253
52253
  var target = arguments[0];
52254
52254
  var i = 1;
52255
52255
  var length = arguments.length;
@@ -52269,14 +52269,14 @@ var require_extend = __commonJS({
52269
52269
  src = getProperty(target, name2);
52270
52270
  copy = getProperty(options, name2);
52271
52271
  if (target !== copy) {
52272
- if (deep && copy && (isPlainObject6(copy) || (copyIsArray = isArray2(copy)))) {
52272
+ if (deep && copy && (isPlainObject7(copy) || (copyIsArray = isArray2(copy)))) {
52273
52273
  if (copyIsArray) {
52274
52274
  copyIsArray = false;
52275
- clone4 = src && isArray2(src) ? src : [];
52275
+ clone5 = src && isArray2(src) ? src : [];
52276
52276
  } else {
52277
- clone4 = src && isPlainObject6(src) ? src : {};
52277
+ clone5 = src && isPlainObject7(src) ? src : {};
52278
52278
  }
52279
- setProperty(target, { name: name2, newValue: extend4(deep, clone4, copy) });
52279
+ setProperty(target, { name: name2, newValue: extend4(deep, clone5, copy) });
52280
52280
  } else if (typeof copy !== "undefined") {
52281
52281
  setProperty(target, { name: name2, newValue: copy });
52282
52282
  }
@@ -57136,7 +57136,7 @@ var init_rpc_metadata = __esm({
57136
57136
  });
57137
57137
 
57138
57138
  // ../../node_modules/.pnpm/@opentelemetry+core@2.8.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/core/build/esm/utils/lodash.merge.js
57139
- function isPlainObject5(value) {
57139
+ function isPlainObject6(value) {
57140
57140
  if (!isObjectLike(value) || baseGetTag(value) !== objectTag) {
57141
57141
  return false;
57142
57142
  }
@@ -57301,7 +57301,7 @@ function isPrimitive(value) {
57301
57301
  return typeof value === "string" || typeof value === "number" || typeof value === "boolean" || typeof value === "undefined" || value instanceof Date || value instanceof RegExp || value === null;
57302
57302
  }
57303
57303
  function shouldMerge(one5, two) {
57304
- if (!isPlainObject5(one5) || !isPlainObject5(two)) {
57304
+ if (!isPlainObject6(one5) || !isPlainObject6(two)) {
57305
57305
  return false;
57306
57306
  }
57307
57307
  return true;
@@ -57593,12 +57593,12 @@ var init_default_service_name = __esm({
57593
57593
  });
57594
57594
 
57595
57595
  // ../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/esm/utils.js
57596
- var isPromiseLike;
57596
+ var isPromiseLike2;
57597
57597
  var init_utils5 = __esm({
57598
57598
  "../../node_modules/.pnpm/@opentelemetry+resources@2.7.1_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/esm/utils.js"() {
57599
57599
  "use strict";
57600
57600
  init_cjs_shims();
57601
- isPromiseLike = (val) => {
57601
+ isPromiseLike2 = (val) => {
57602
57602
  return val !== null && typeof val === "object" && typeof val.then === "function";
57603
57603
  };
57604
57604
  }
@@ -57624,7 +57624,7 @@ function defaultResource() {
57624
57624
  }
57625
57625
  function guardedRawAttributes(attributes) {
57626
57626
  return attributes.map(([k, v]) => {
57627
- if (isPromiseLike(v)) {
57627
+ if (isPromiseLike2(v)) {
57628
57628
  return [
57629
57629
  k,
57630
57630
  v.catch((err) => {
@@ -57678,13 +57678,13 @@ var init_ResourceImpl = __esm({
57678
57678
  static FromAttributeList(attributes, options) {
57679
57679
  const res = new _ResourceImpl({}, options);
57680
57680
  res._rawAttributes = guardedRawAttributes(attributes);
57681
- res._asyncAttributesPending = attributes.filter(([_, val]) => isPromiseLike(val)).length > 0;
57681
+ res._asyncAttributesPending = attributes.filter(([_, val]) => isPromiseLike2(val)).length > 0;
57682
57682
  return res;
57683
57683
  }
57684
57684
  constructor(resource, options) {
57685
57685
  const attributes = resource.attributes ?? {};
57686
57686
  this._rawAttributes = Object.entries(attributes).map(([k, v]) => {
57687
- if (isPromiseLike(v)) {
57687
+ if (isPromiseLike2(v)) {
57688
57688
  this._asyncAttributesPending = true;
57689
57689
  }
57690
57690
  return [k, v];
@@ -57701,7 +57701,7 @@ var init_ResourceImpl = __esm({
57701
57701
  }
57702
57702
  for (let i = 0; i < this._rawAttributes.length; i++) {
57703
57703
  const [k, v] = this._rawAttributes[i];
57704
- this._rawAttributes[i] = [k, isPromiseLike(v) ? await v : v];
57704
+ this._rawAttributes[i] = [k, isPromiseLike2(v) ? await v : v];
57705
57705
  }
57706
57706
  this._asyncAttributesPending = false;
57707
57707
  }
@@ -57714,7 +57714,7 @@ var init_ResourceImpl = __esm({
57714
57714
  }
57715
57715
  const attrs = {};
57716
57716
  for (const [k, v] of this._rawAttributes) {
57717
- if (isPromiseLike(v)) {
57717
+ if (isPromiseLike2(v)) {
57718
57718
  diag2.debug(`Unsettled resource attribute ${k} skipped`);
57719
57719
  continue;
57720
57720
  }
@@ -113819,12 +113819,12 @@ var init_default_service_name2 = __esm({
113819
113819
  });
113820
113820
 
113821
113821
  // ../../node_modules/.pnpm/@opentelemetry+resources@2.8.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/esm/utils.js
113822
- var isPromiseLike2;
113822
+ var isPromiseLike3;
113823
113823
  var init_utils13 = __esm({
113824
113824
  "../../node_modules/.pnpm/@opentelemetry+resources@2.8.0_@opentelemetry+api@1.9.1/node_modules/@opentelemetry/resources/build/esm/utils.js"() {
113825
113825
  "use strict";
113826
113826
  init_cjs_shims();
113827
- isPromiseLike2 = (val) => {
113827
+ isPromiseLike3 = (val) => {
113828
113828
  return val !== null && typeof val === "object" && typeof val.then === "function";
113829
113829
  };
113830
113830
  }
@@ -113850,7 +113850,7 @@ function defaultResource2() {
113850
113850
  }
113851
113851
  function guardedRawAttributes2(attributes) {
113852
113852
  return attributes.map(([k, v]) => {
113853
- if (isPromiseLike2(v)) {
113853
+ if (isPromiseLike3(v)) {
113854
113854
  return [
113855
113855
  k,
113856
113856
  v.catch((err) => {
@@ -113904,13 +113904,13 @@ var init_ResourceImpl2 = __esm({
113904
113904
  static FromAttributeList(attributes, options) {
113905
113905
  const res = new _ResourceImpl({}, options);
113906
113906
  res._rawAttributes = guardedRawAttributes2(attributes);
113907
- res._asyncAttributesPending = attributes.filter(([_, val]) => isPromiseLike2(val)).length > 0;
113907
+ res._asyncAttributesPending = attributes.filter(([_, val]) => isPromiseLike3(val)).length > 0;
113908
113908
  return res;
113909
113909
  }
113910
113910
  constructor(resource, options) {
113911
113911
  const attributes = resource.attributes ?? {};
113912
113912
  this._rawAttributes = Object.entries(attributes).map(([k, v]) => {
113913
- if (isPromiseLike2(v)) {
113913
+ if (isPromiseLike3(v)) {
113914
113914
  this._asyncAttributesPending = true;
113915
113915
  }
113916
113916
  return [k, v];
@@ -113927,7 +113927,7 @@ var init_ResourceImpl2 = __esm({
113927
113927
  }
113928
113928
  for (let i = 0; i < this._rawAttributes.length; i++) {
113929
113929
  const [k, v] = this._rawAttributes[i];
113930
- this._rawAttributes[i] = [k, isPromiseLike2(v) ? await v : v];
113930
+ this._rawAttributes[i] = [k, isPromiseLike3(v) ? await v : v];
113931
113931
  }
113932
113932
  this._asyncAttributesPending = false;
113933
113933
  }
@@ -113940,7 +113940,7 @@ var init_ResourceImpl2 = __esm({
113940
113940
  }
113941
113941
  const attrs = {};
113942
113942
  for (const [k, v] of this._rawAttributes) {
113943
- if (isPromiseLike2(v)) {
113943
+ if (isPromiseLike3(v)) {
113944
113944
  diag2.debug(`Unsettled resource attribute ${k} skipped`);
113945
113945
  continue;
113946
113946
  }
@@ -136899,6 +136899,76 @@ function isNodeStatus(value) {
136899
136899
  return typeof value === "string" && NODE_STATUSES.has(value);
136900
136900
  }
136901
136901
 
136902
+ // ../../packages/core/src/storage/task-store-parsers.ts
136903
+ init_cjs_shims();
136904
+ function parseTask(value) {
136905
+ if (!isPlainObject(value)) {
136906
+ return null;
136907
+ }
136908
+ const status = asTaskStatus(value.status);
136909
+ const priority = asTaskPriority(value.priority);
136910
+ const conversationKind = value.conversationKind === void 0 ? "meshyChat" : asTaskConversationKind(value.conversationKind);
136911
+ if (typeof value.id !== "string" || typeof value.title !== "string" || typeof value.description !== "string" || typeof value.agent !== "string" || value.project !== null && typeof value.project !== "string" || value.effectiveProjectPath !== null && value.effectiveProjectPath !== void 0 && typeof value.effectiveProjectPath !== "string" || value.branch !== null && value.branch !== void 0 && typeof value.branch !== "string" || conversationKind === null || !isPlainObject(value.payload) || status === null || priority === null || value.assignedTo !== null && typeof value.assignedTo !== "string" || value.assignedNodeName !== void 0 && value.assignedNodeName !== null && typeof value.assignedNodeName !== "string" || typeof value.createdBy !== "string" || value.result !== null && !isPlainObject(value.result) || value.error !== null && typeof value.error !== "string" || typeof value.retryCount !== "number" || !Number.isFinite(value.retryCount) || typeof value.maxRetries !== "number" || !Number.isFinite(value.maxRetries) || typeof value.createdAt !== "number" || !Number.isFinite(value.createdAt) || typeof value.updatedAt !== "number" || !Number.isFinite(value.updatedAt)) {
136912
+ return null;
136913
+ }
136914
+ const queuedMessages = parseTaskQueuedMessages(value.queuedMessages);
136915
+ return {
136916
+ id: value.id,
136917
+ title: value.title,
136918
+ description: value.description,
136919
+ agent: value.agent,
136920
+ project: value.project ?? null,
136921
+ effectiveProjectPath: typeof value.effectiveProjectPath === "string" ? value.effectiveProjectPath : null,
136922
+ branch: value.branch === void 0 ? void 0 : typeof value.branch === "string" ? value.branch : null,
136923
+ conversationKind,
136924
+ payload: clone(value.payload),
136925
+ ...queuedMessages ? { queuedMessages } : {},
136926
+ status,
136927
+ priority,
136928
+ assignedTo: value.assignedTo,
136929
+ assignedNodeName: typeof value.assignedNodeName === "string" ? value.assignedNodeName : null,
136930
+ createdBy: value.createdBy,
136931
+ result: value.result === null ? null : clone(value.result),
136932
+ error: value.error,
136933
+ retryCount: value.retryCount,
136934
+ maxRetries: value.maxRetries,
136935
+ createdAt: value.createdAt,
136936
+ updatedAt: value.updatedAt
136937
+ };
136938
+ }
136939
+ function parseTaskQueuedMessages(value) {
136940
+ if (value === void 0) return void 0;
136941
+ if (!Array.isArray(value)) return void 0;
136942
+ const messages = [];
136943
+ for (const entry of value) {
136944
+ if (!isPlainObject(entry)) return void 0;
136945
+ if (typeof entry.id !== "string" || !Array.isArray(entry.content) || typeof entry.createdAt !== "number" || !Number.isFinite(entry.createdAt)) {
136946
+ return void 0;
136947
+ }
136948
+ messages.push({
136949
+ id: entry.id,
136950
+ content: clone(entry.content),
136951
+ createdAt: entry.createdAt
136952
+ });
136953
+ }
136954
+ return messages;
136955
+ }
136956
+ function asTaskStatus(value) {
136957
+ return isTaskStatus(value) ? value : null;
136958
+ }
136959
+ function asTaskPriority(value) {
136960
+ return isTaskPriority(value) ? value : null;
136961
+ }
136962
+ function asTaskConversationKind(value) {
136963
+ return isTaskConversationKind(value) ? value : null;
136964
+ }
136965
+ function clone(value) {
136966
+ return JSON.parse(JSON.stringify(value));
136967
+ }
136968
+ function isPlainObject(value) {
136969
+ return typeof value === "object" && value !== null && !Array.isArray(value);
136970
+ }
136971
+
136902
136972
  // ../../packages/core/src/storage/file-store.ts
136903
136973
  var FILE_NAMES = {
136904
136974
  cluster: "cluster.json",
@@ -136948,26 +137018,26 @@ var FileStore = class {
136948
137018
  }
136949
137019
  getClusterInfo() {
136950
137020
  this.ensureOpen();
136951
- return this.cluster === null ? null : clone(this.cluster);
137021
+ return this.cluster === null ? null : clone2(this.cluster);
136952
137022
  }
136953
137023
  setClusterInfo(info) {
136954
137024
  this.ensureOpen();
136955
- this.cluster = clone(info);
137025
+ this.cluster = clone2(info);
136956
137026
  this.persistSection("cluster");
136957
137027
  }
136958
137028
  upsertNode(node2) {
136959
137029
  this.ensureOpen();
136960
- this.nodes.set(node2.id, clone(node2));
137030
+ this.nodes.set(node2.id, clone2(node2));
136961
137031
  this.persistSection("nodes");
136962
137032
  }
136963
137033
  getNode(id) {
136964
137034
  this.ensureOpen();
136965
137035
  const node2 = this.nodes.get(id);
136966
- return node2 === void 0 ? null : clone(node2);
137036
+ return node2 === void 0 ? null : clone2(node2);
136967
137037
  }
136968
137038
  getAllNodes() {
136969
137039
  this.ensureOpen();
136970
- return Array.from(this.nodes.values(), (node2) => clone(node2));
137040
+ return Array.from(this.nodes.values(), (node2) => clone2(node2));
136971
137041
  }
136972
137042
  removeNode(id) {
136973
137043
  this.ensureOpen();
@@ -136987,15 +137057,15 @@ var FileStore = class {
136987
137057
  }
136988
137058
  createTask(task) {
136989
137059
  this.ensureOpen();
136990
- const copy = clone(task);
137060
+ const copy = clone2(task);
136991
137061
  this.tasks.set(copy.id, copy);
136992
137062
  this.persistSection("tasks");
136993
- return clone(copy);
137063
+ return clone2(copy);
136994
137064
  }
136995
137065
  getTask(id) {
136996
137066
  this.ensureOpen();
136997
137067
  const task = this.tasks.get(id);
136998
- return task === void 0 ? null : clone(task);
137068
+ return task === void 0 ? null : clone2(task);
136999
137069
  }
137000
137070
  getAllTasks(filter = {}) {
137001
137071
  this.ensureOpen();
@@ -137012,7 +137082,7 @@ var FileStore = class {
137012
137082
  const offset = normalizeBound(filter.offset) ?? 0;
137013
137083
  const limit = normalizeBound(filter.limit);
137014
137084
  const sliced = limit === void 0 ? tasks.slice(offset) : tasks.slice(offset, offset + limit);
137015
- return sliced.map((task) => clone(task));
137085
+ return sliced.map((task) => clone2(task));
137016
137086
  }
137017
137087
  updateTask(id, updates) {
137018
137088
  this.ensureOpen();
@@ -137022,12 +137092,12 @@ var FileStore = class {
137022
137092
  }
137023
137093
  const merged = {
137024
137094
  ...current,
137025
- ...clone(updates),
137095
+ ...clone2(updates),
137026
137096
  id: current.id
137027
137097
  };
137028
137098
  this.tasks.set(id, merged);
137029
137099
  this.persistSection("tasks");
137030
- return clone(merged);
137100
+ return clone2(merged);
137031
137101
  }
137032
137102
  deleteTask(id) {
137033
137103
  this.ensureOpen();
@@ -137085,28 +137155,28 @@ var FileStore = class {
137085
137155
  }
137086
137156
  createTaskShare(share) {
137087
137157
  this.ensureOpen();
137088
- const copy = clone(share);
137158
+ const copy = clone2(share);
137089
137159
  this.shares.set(copy.id, copy);
137090
137160
  this.persistSection("shares");
137091
- return clone(copy);
137161
+ return clone2(copy);
137092
137162
  }
137093
137163
  getTaskShare(id) {
137094
137164
  this.ensureOpen();
137095
137165
  const share = this.shares.get(id);
137096
- return share === void 0 ? null : clone(share);
137166
+ return share === void 0 ? null : clone2(share);
137097
137167
  }
137098
137168
  getTaskShareByTaskId(taskId) {
137099
137169
  this.ensureOpen();
137100
137170
  for (const share of this.shares.values()) {
137101
137171
  if (share.taskId === taskId && share.revokedAt === void 0) {
137102
- return clone(share);
137172
+ return clone2(share);
137103
137173
  }
137104
137174
  }
137105
137175
  return null;
137106
137176
  }
137107
137177
  getAllTaskShares() {
137108
137178
  this.ensureOpen();
137109
- return Array.from(this.shares.values(), (share) => clone(share));
137179
+ return Array.from(this.shares.values(), (share) => clone2(share));
137110
137180
  }
137111
137181
  updateTaskShare(id, updates) {
137112
137182
  this.ensureOpen();
@@ -137116,12 +137186,12 @@ var FileStore = class {
137116
137186
  }
137117
137187
  const merged = {
137118
137188
  ...current,
137119
- ...clone(updates),
137189
+ ...clone2(updates),
137120
137190
  id: current.id
137121
137191
  };
137122
137192
  this.shares.set(id, merged);
137123
137193
  this.persistSection("shares");
137124
- return clone(merged);
137194
+ return clone2(merged);
137125
137195
  }
137126
137196
  getElectionValue(key2) {
137127
137197
  this.ensureOpen();
@@ -137156,7 +137226,7 @@ var FileStore = class {
137156
137226
  }
137157
137227
  loadNodes() {
137158
137228
  const raw3 = this.readJsonFile("nodes");
137159
- if (!isPlainObject(raw3)) {
137229
+ if (!isPlainObject2(raw3)) {
137160
137230
  this.markDirty("nodes");
137161
137231
  return /* @__PURE__ */ new Map();
137162
137232
  }
@@ -137176,7 +137246,7 @@ var FileStore = class {
137176
137246
  }
137177
137247
  loadTasks() {
137178
137248
  const raw3 = this.readJsonFile("tasks");
137179
- if (!isPlainObject(raw3)) {
137249
+ if (!isPlainObject2(raw3)) {
137180
137250
  this.markDirty("tasks");
137181
137251
  return /* @__PURE__ */ new Map();
137182
137252
  }
@@ -137196,7 +137266,7 @@ var FileStore = class {
137196
137266
  }
137197
137267
  loadTaskShares() {
137198
137268
  const raw3 = this.readJsonFile("shares");
137199
- if (!isPlainObject(raw3)) {
137269
+ if (!isPlainObject2(raw3)) {
137200
137270
  this.markDirty("shares");
137201
137271
  return /* @__PURE__ */ new Map();
137202
137272
  }
@@ -137216,7 +137286,7 @@ var FileStore = class {
137216
137286
  }
137217
137287
  loadElection() {
137218
137288
  const raw3 = this.readJsonFile("election");
137219
- if (!isPlainObject(raw3)) {
137289
+ if (!isPlainObject2(raw3)) {
137220
137290
  this.markDirty("election");
137221
137291
  return /* @__PURE__ */ new Map();
137222
137292
  }
@@ -137274,7 +137344,7 @@ var FileStore = class {
137274
137344
  serializeSection(section) {
137275
137345
  switch (section) {
137276
137346
  case "cluster":
137277
- return this.cluster === null ? null : clone(this.cluster);
137347
+ return this.cluster === null ? null : clone2(this.cluster);
137278
137348
  case "nodes":
137279
137349
  return Object.fromEntries(sortEntries(this.nodes));
137280
137350
  case "tasks":
@@ -137304,7 +137374,7 @@ var FileStore = class {
137304
137374
  }
137305
137375
  }
137306
137376
  };
137307
- function clone(value) {
137377
+ function clone2(value) {
137308
137378
  return structuredClone(value);
137309
137379
  }
137310
137380
  function normalizeBound(value) {
@@ -137332,23 +137402,23 @@ function createPriorityCounter() {
137332
137402
  critical: 0
137333
137403
  };
137334
137404
  }
137335
- function isPlainObject(value) {
137405
+ function isPlainObject2(value) {
137336
137406
  return typeof value === "object" && value !== null && !Array.isArray(value);
137337
137407
  }
137338
137408
  function parseStringArray(value) {
137339
137409
  return Array.isArray(value) && value.every((item) => typeof item === "string") ? [...value] : void 0;
137340
137410
  }
137341
137411
  function parseNodeSettingsSnapshot(value) {
137342
- if (!isPlainObject(value)) {
137412
+ if (!isPlainObject2(value)) {
137343
137413
  return void 0;
137344
137414
  }
137345
137415
  if (typeof value.collectedAt !== "number" || !Number.isFinite(value.collectedAt) || typeof value.version !== "string" || typeof value.uptime !== "number" || !Number.isFinite(value.uptime)) {
137346
137416
  return void 0;
137347
137417
  }
137348
- return clone(value);
137418
+ return clone2(value);
137349
137419
  }
137350
137420
  function parseDevTunnelHealth(value) {
137351
- if (!isPlainObject(value)) {
137421
+ if (!isPlainObject2(value)) {
137352
137422
  return void 0;
137353
137423
  }
137354
137424
  if (value.status !== "healthy" && value.status !== "failed" || typeof value.checkedAt !== "number" || !Number.isFinite(value.checkedAt)) {
@@ -137364,10 +137434,10 @@ function parseDevTunnelHealth(value) {
137364
137434
  };
137365
137435
  }
137366
137436
  function isClusterInfo(value) {
137367
- return isPlainObject(value) && typeof value.clusterId === "string" && typeof value.createdAt === "number" && Number.isFinite(value.createdAt);
137437
+ return isPlainObject2(value) && typeof value.clusterId === "string" && typeof value.createdAt === "number" && Number.isFinite(value.createdAt);
137368
137438
  }
137369
137439
  function parseNodeInfo(value) {
137370
- if (!isPlainObject(value)) {
137440
+ if (!isPlainObject2(value)) {
137371
137441
  return null;
137372
137442
  }
137373
137443
  const role = asNodeRole(value.role);
@@ -137393,41 +137463,8 @@ function parseNodeInfo(value) {
137393
137463
  settingsSnapshot: parseNodeSettingsSnapshot(value.settingsSnapshot)
137394
137464
  };
137395
137465
  }
137396
- function parseTask(value) {
137397
- if (!isPlainObject(value)) {
137398
- return null;
137399
- }
137400
- const status = asTaskStatus(value.status);
137401
- const priority = asTaskPriority(value.priority);
137402
- const conversationKind = value.conversationKind === void 0 ? "meshyChat" : asTaskConversationKind(value.conversationKind);
137403
- if (typeof value.id !== "string" || typeof value.title !== "string" || typeof value.description !== "string" || typeof value.agent !== "string" || value.project !== null && typeof value.project !== "string" || value.effectiveProjectPath !== null && value.effectiveProjectPath !== void 0 && typeof value.effectiveProjectPath !== "string" || value.branch !== null && value.branch !== void 0 && typeof value.branch !== "string" || conversationKind === null || !isPlainObject(value.payload) || status === null || priority === null || value.assignedTo !== null && typeof value.assignedTo !== "string" || value.assignedNodeName !== void 0 && value.assignedNodeName !== null && typeof value.assignedNodeName !== "string" || typeof value.createdBy !== "string" || value.result !== null && !isPlainObject(value.result) || value.error !== null && typeof value.error !== "string" || typeof value.retryCount !== "number" || !Number.isFinite(value.retryCount) || typeof value.maxRetries !== "number" || !Number.isFinite(value.maxRetries) || typeof value.createdAt !== "number" || !Number.isFinite(value.createdAt) || typeof value.updatedAt !== "number" || !Number.isFinite(value.updatedAt)) {
137404
- return null;
137405
- }
137406
- return {
137407
- id: value.id,
137408
- title: value.title,
137409
- description: value.description,
137410
- agent: value.agent,
137411
- project: value.project ?? null,
137412
- effectiveProjectPath: typeof value.effectiveProjectPath === "string" ? value.effectiveProjectPath : null,
137413
- branch: value.branch === void 0 ? void 0 : typeof value.branch === "string" ? value.branch : null,
137414
- conversationKind,
137415
- payload: clone(value.payload),
137416
- status,
137417
- priority,
137418
- assignedTo: value.assignedTo,
137419
- assignedNodeName: typeof value.assignedNodeName === "string" ? value.assignedNodeName : null,
137420
- createdBy: value.createdBy,
137421
- result: value.result === null ? null : clone(value.result),
137422
- error: value.error,
137423
- retryCount: value.retryCount,
137424
- maxRetries: value.maxRetries,
137425
- createdAt: value.createdAt,
137426
- updatedAt: value.updatedAt
137427
- };
137428
- }
137429
137466
  function parseTaskShare(value) {
137430
- if (!isPlainObject(value)) {
137467
+ if (!isPlainObject2(value)) {
137431
137468
  return null;
137432
137469
  }
137433
137470
  if (typeof value.id !== "string" || typeof value.taskId !== "string" || typeof value.createdAt !== "number" || !Number.isFinite(value.createdAt) || value.revokedAt !== void 0 && (typeof value.revokedAt !== "number" || !Number.isFinite(value.revokedAt))) {
@@ -137455,20 +137492,11 @@ function asNodeRole(value) {
137455
137492
  function asNodeStatus(value) {
137456
137493
  return isNodeStatus(value) ? value : null;
137457
137494
  }
137458
- function asTaskStatus(value) {
137459
- return isTaskStatus(value) ? value : null;
137460
- }
137461
- function asTaskPriority(value) {
137462
- return isTaskPriority(value) ? value : null;
137463
- }
137464
- function asTaskConversationKind(value) {
137465
- return isTaskConversationKind(value) ? value : null;
137466
- }
137467
137495
  function sortEntries(input) {
137468
137496
  return Array.from(input.entries()).sort(([left], [right]) => left.localeCompare(right));
137469
137497
  }
137470
137498
  function isRecoverableAtomicReplaceError(err) {
137471
- if (!isPlainObject(err)) {
137499
+ if (!isPlainObject2(err)) {
137472
137500
  return false;
137473
137501
  }
137474
137502
  const code4 = err.code;
@@ -139924,7 +139952,10 @@ var ExecutionEngine = class {
139924
139952
  buildConfig(task) {
139925
139953
  const config2 = {};
139926
139954
  const p2 = task.payload;
139927
- if (typeof p2.model === "string") config2.model = p2.model;
139955
+ if (typeof p2.model === "string") {
139956
+ const model = p2.model.trim();
139957
+ if (model) config2.model = model;
139958
+ }
139928
139959
  if (typeof p2.systemPrompt === "string") config2.systemPrompt = p2.systemPrompt;
139929
139960
  if (Array.isArray(p2.allowedTools) && p2.allowedTools.every((t) => typeof t === "string")) {
139930
139961
  config2.allowedTools = p2.allowedTools;
@@ -141170,6 +141201,10 @@ function getCurrentGitBranch(workDir) {
141170
141201
  init_cjs_shims();
141171
141202
  var import_node_child_process3 = require("child_process");
141172
141203
 
141204
+ // ../../packages/core/src/agents/agent-models.ts
141205
+ init_cjs_shims();
141206
+ var DEFAULT_CLAUDE_CODE_MODEL = "claude-opus-4-8[1m]";
141207
+
141173
141208
  // ../../packages/core/src/agents/cli-invocations.ts
141174
141209
  init_cjs_shims();
141175
141210
  var fs9 = __toESM(require("fs"), 1);
@@ -141412,7 +141447,7 @@ var ClaudeLiteAdapter = class {
141412
141447
  "json",
141413
141448
  "--no-session-persistence",
141414
141449
  "--model",
141415
- options.model ?? "sonnet",
141450
+ options.model ?? DEFAULT_CLAUDE_CODE_MODEL,
141416
141451
  "--permission-mode",
141417
141452
  "default",
141418
141453
  "--tools",
@@ -141459,7 +141494,6 @@ init_cjs_shims();
141459
141494
  var fs10 = __toESM(require("fs"), 1);
141460
141495
  var path10 = __toESM(require("path"), 1);
141461
141496
  var import_node_child_process4 = require("child_process");
141462
- var DEFAULT_CLAUDE_MODEL = "sonnet";
141463
141497
  function buildClaudeModeArgs(mode) {
141464
141498
  switch (mode) {
141465
141499
  case "plan":
@@ -141474,7 +141508,7 @@ function buildClaudeModeArgs(mode) {
141474
141508
  }
141475
141509
  }
141476
141510
  function getClaudeModelArg(model) {
141477
- return model ?? DEFAULT_CLAUDE_MODEL;
141511
+ return model ?? DEFAULT_CLAUDE_CODE_MODEL;
141478
141512
  }
141479
141513
  function getClaudeStreamError(event) {
141480
141514
  if (event.type !== "result") {
@@ -144758,6 +144792,452 @@ ${joinErrors.map((e) => ` - ${e}`).join("\n")}`
144758
144792
  }
144759
144793
  };
144760
144794
 
144795
+ // ../../packages/core/src/mobile-auth/index.ts
144796
+ init_cjs_shims();
144797
+
144798
+ // ../../packages/core/src/mobile-auth/protocol/index.ts
144799
+ init_cjs_shims();
144800
+
144801
+ // ../../packages/core/src/mobile-auth/protocol/qr.ts
144802
+ init_cjs_shims();
144803
+ var MOBILE_PAIRING_QR_TYPE = "meshy.mobile.pairing";
144804
+ var MOBILE_PAIRING_QR_VERSION = 3;
144805
+ function buildPairingQrPayload(payload) {
144806
+ return {
144807
+ type: MOBILE_PAIRING_QR_TYPE,
144808
+ version: MOBILE_PAIRING_QR_VERSION,
144809
+ ...payload
144810
+ };
144811
+ }
144812
+ function serializePairingQrPayload(payload) {
144813
+ return JSON.stringify(payload);
144814
+ }
144815
+
144816
+ // ../../packages/core/src/mobile-auth/audit.ts
144817
+ init_cjs_shims();
144818
+ function createLoggerAuditRecorder(logger33) {
144819
+ const auditLog = logger33.child("mobile-audit");
144820
+ return {
144821
+ record(event) {
144822
+ const { eventType, ...rest } = event;
144823
+ auditLog.info(eventType, {
144824
+ timestamp: event.timestamp ?? (/* @__PURE__ */ new Date()).toISOString(),
144825
+ ...rest
144826
+ });
144827
+ }
144828
+ };
144829
+ }
144830
+
144831
+ // ../../packages/core/src/mobile-auth/pairing-invitations.ts
144832
+ init_cjs_shims();
144833
+ var MobilePairingInvitationError = class extends Error {
144834
+ constructor(code4, message, statusCode) {
144835
+ super(message);
144836
+ this.code = code4;
144837
+ this.statusCode = statusCode;
144838
+ this.name = "MobilePairingInvitationError";
144839
+ }
144840
+ code;
144841
+ statusCode;
144842
+ };
144843
+ var DEFAULT_TTL_MS = 5 * 60 * 1e3;
144844
+ var DEFAULT_MAX_TTL_MS = 10 * 60 * 1e3;
144845
+ var DEFAULT_MAX_USES = 1;
144846
+ function normalizePositiveInteger2(value, fallback) {
144847
+ if (typeof value !== "number" || !Number.isFinite(value)) return fallback;
144848
+ return Math.max(1, Math.floor(value));
144849
+ }
144850
+ function requireApiBaseUrl(value) {
144851
+ const trimmed = value?.trim();
144852
+ if (!trimmed) {
144853
+ throw new MobilePairingInvitationError("MOBILE_ENDPOINT_UNAVAILABLE", "mobile API endpoint is not available", 409);
144854
+ }
144855
+ try {
144856
+ const url3 = new URL(trimmed);
144857
+ return url3.toString().replace(/\/$/, "");
144858
+ } catch {
144859
+ throw new MobilePairingInvitationError("INVALID_MOBILE_ENDPOINT", "mobile API endpoint is invalid", 400);
144860
+ }
144861
+ }
144862
+ var MobilePairingInvitationService = class {
144863
+ constructor(options) {
144864
+ this.options = options;
144865
+ this.now = options.now ?? (() => Date.now());
144866
+ this.defaultTtlMs = options.defaultTtlMs ?? DEFAULT_TTL_MS;
144867
+ this.maxTtlMs = options.maxTtlMs ?? DEFAULT_MAX_TTL_MS;
144868
+ this.defaultMaxUses = options.defaultMaxUses ?? DEFAULT_MAX_USES;
144869
+ }
144870
+ options;
144871
+ invitations = /* @__PURE__ */ new Map();
144872
+ connections = /* @__PURE__ */ new Map();
144873
+ now;
144874
+ defaultTtlMs;
144875
+ maxTtlMs;
144876
+ defaultMaxUses;
144877
+ createInvitation(input = {}) {
144878
+ this.expireStaleInvitations();
144879
+ const apiBaseUrl = requireApiBaseUrl(input.apiBaseUrl ?? this.options.getApiBaseUrl());
144880
+ const now = this.now();
144881
+ const ttlMs = Math.min(normalizePositiveInteger2(input.ttlMs, this.defaultTtlMs), this.maxTtlMs);
144882
+ const maxUses = normalizePositiveInteger2(input.maxUses, this.defaultMaxUses);
144883
+ const invitation = {
144884
+ version: 1,
144885
+ pairingId: `pair_${nanoid(24)}`,
144886
+ nodeId: this.options.nodeId,
144887
+ nodeName: this.options.nodeName,
144888
+ apiBaseUrl,
144889
+ createdAt: new Date(now).toISOString(),
144890
+ expiresAt: new Date(now + ttlMs).toISOString(),
144891
+ maxUses,
144892
+ usedCount: 0,
144893
+ ...input.createdBy ? { createdBy: input.createdBy } : {},
144894
+ status: "active"
144895
+ };
144896
+ this.invitations.set(invitation.pairingId, invitation);
144897
+ this.options.audit?.record({
144898
+ eventType: "mobile.pairing.created",
144899
+ pairingId: invitation.pairingId,
144900
+ nodeId: invitation.nodeId,
144901
+ outcome: "success"
144902
+ });
144903
+ return {
144904
+ invitation: { ...invitation },
144905
+ qr: buildPairingQrPayload({
144906
+ nodeId: invitation.nodeId,
144907
+ nodeName: invitation.nodeName,
144908
+ apiBaseUrl: invitation.apiBaseUrl,
144909
+ pairingId: invitation.pairingId,
144910
+ expiresAt: invitation.expiresAt,
144911
+ maxUses: invitation.maxUses,
144912
+ aad: this.options.aad
144913
+ })
144914
+ };
144915
+ }
144916
+ getInvitation(pairingId) {
144917
+ this.expireStaleInvitations();
144918
+ const invitation = this.invitations.get(pairingId);
144919
+ return invitation ? { ...invitation } : null;
144920
+ }
144921
+ listInvitations() {
144922
+ this.expireStaleInvitations();
144923
+ return [...this.invitations.values()].map((invitation) => ({ ...invitation }));
144924
+ }
144925
+ consumeInvitation(pairingId, input) {
144926
+ this.expireStaleInvitations();
144927
+ const invitation = this.invitations.get(pairingId);
144928
+ if (!invitation) {
144929
+ throw new MobilePairingInvitationError("PAIRING_NOT_FOUND", "unknown pairing invitation", 404);
144930
+ }
144931
+ if (invitation.status !== "active") {
144932
+ throw new MobilePairingInvitationError("PAIRING_NOT_ACTIVE", `pairing invitation is ${invitation.status}`, 409);
144933
+ }
144934
+ if (invitation.usedCount >= invitation.maxUses) {
144935
+ invitation.status = "consumed";
144936
+ throw new MobilePairingInvitationError("PAIRING_CONSUMED", "pairing invitation has no remaining uses", 409);
144937
+ }
144938
+ invitation.usedCount += 1;
144939
+ if (invitation.usedCount >= invitation.maxUses) {
144940
+ invitation.status = "consumed";
144941
+ }
144942
+ const connection = {
144943
+ connectionId: `conn_${nanoid(24)}`,
144944
+ nodeId: invitation.nodeId,
144945
+ nodeName: invitation.nodeName,
144946
+ apiBaseUrl: invitation.apiBaseUrl,
144947
+ pairedAt: new Date(this.now()).toISOString(),
144948
+ ...input.deviceName ? { deviceName: input.deviceName } : {},
144949
+ ...input.platform ? { platform: input.platform } : {},
144950
+ ...input.appVersion ? { appVersion: input.appVersion } : {},
144951
+ tokenSubject: {
144952
+ tenantId: input.identity.tenantId,
144953
+ ...input.identity.objectId ? { oid: input.identity.objectId } : {},
144954
+ upn: input.identity.upn
144955
+ }
144956
+ };
144957
+ this.connections.set(connection.connectionId, connection);
144958
+ this.options.audit?.record({
144959
+ eventType: "mobile.pairing.consumed",
144960
+ pairingId,
144961
+ nodeId: invitation.nodeId,
144962
+ outcome: "success",
144963
+ sourceAddress: input.sourceAddress,
144964
+ outerPrincipal: input.identity.upn
144965
+ });
144966
+ return { ...connection, tokenSubject: { ...connection.tokenSubject } };
144967
+ }
144968
+ cancelInvitation(pairingId) {
144969
+ this.expireStaleInvitations();
144970
+ const invitation = this.invitations.get(pairingId);
144971
+ if (!invitation || invitation.status !== "active") return false;
144972
+ invitation.status = "cancelled";
144973
+ this.options.audit?.record({
144974
+ eventType: "mobile.pairing.cancelled",
144975
+ pairingId,
144976
+ nodeId: invitation.nodeId,
144977
+ outcome: "success"
144978
+ });
144979
+ return true;
144980
+ }
144981
+ listConnections() {
144982
+ return [...this.connections.values()].map((connection) => ({
144983
+ ...connection,
144984
+ tokenSubject: { ...connection.tokenSubject }
144985
+ }));
144986
+ }
144987
+ revokeConnection(connectionId) {
144988
+ const connection = this.connections.get(connectionId);
144989
+ const deleted = this.connections.delete(connectionId);
144990
+ if (deleted) {
144991
+ this.options.audit?.record({
144992
+ eventType: "mobile.connection.revoked",
144993
+ nodeId: connection?.nodeId,
144994
+ outcome: "success"
144995
+ });
144996
+ }
144997
+ return deleted;
144998
+ }
144999
+ dispose() {
145000
+ this.invitations.clear();
145001
+ this.connections.clear();
145002
+ }
145003
+ expireStaleInvitations() {
145004
+ const now = this.now();
145005
+ for (const invitation of this.invitations.values()) {
145006
+ if (invitation.status === "active" && Date.parse(invitation.expiresAt) <= now) {
145007
+ invitation.status = "expired";
145008
+ this.options.audit?.record({
145009
+ eventType: "mobile.pairing.expired",
145010
+ pairingId: invitation.pairingId,
145011
+ nodeId: invitation.nodeId,
145012
+ outcome: "failure",
145013
+ reason: "expired"
145014
+ });
145015
+ }
145016
+ }
145017
+ }
145018
+ };
145019
+
145020
+ // ../../packages/core/src/mobile-auth/aad-validator.ts
145021
+ init_cjs_shims();
145022
+ var crypto4 = __toESM(require("crypto"), 1);
145023
+
145024
+ // ../../packages/core/src/mobile-auth/protocol/base64url.ts
145025
+ init_cjs_shims();
145026
+ var ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";
145027
+ var DECODE_TABLE = (() => {
145028
+ const table2 = new Int16Array(128).fill(-1);
145029
+ for (let i = 0; i < ALPHABET.length; i += 1) {
145030
+ table2[ALPHABET.charCodeAt(i)] = i;
145031
+ }
145032
+ return table2;
145033
+ })();
145034
+ function fromBase64Url(text10) {
145035
+ const length = text10.length;
145036
+ const remainder = length % 4;
145037
+ if (remainder === 1) {
145038
+ throw new Error("mobile-auth: invalid base64url length");
145039
+ }
145040
+ const fullGroups = Math.floor(length / 4);
145041
+ let outLength = fullGroups * 3;
145042
+ if (remainder === 2) {
145043
+ outLength += 1;
145044
+ } else if (remainder === 3) {
145045
+ outLength += 2;
145046
+ }
145047
+ const out = new Uint8Array(outLength);
145048
+ let outIndex = 0;
145049
+ let i = 0;
145050
+ const decode2 = (charCode) => {
145051
+ const value = charCode < 128 ? DECODE_TABLE[charCode] ?? -1 : -1;
145052
+ if (value < 0) {
145053
+ throw new Error("mobile-auth: invalid base64url character");
145054
+ }
145055
+ return value;
145056
+ };
145057
+ for (; i + 4 <= length; i += 4) {
145058
+ const c0 = decode2(text10.charCodeAt(i));
145059
+ const c1 = decode2(text10.charCodeAt(i + 1));
145060
+ const c2 = decode2(text10.charCodeAt(i + 2));
145061
+ const c3 = decode2(text10.charCodeAt(i + 3));
145062
+ out[outIndex++] = c0 << 2 | c1 >> 4;
145063
+ out[outIndex++] = (c1 & 15) << 4 | c2 >> 2;
145064
+ out[outIndex++] = (c2 & 3) << 6 | c3;
145065
+ }
145066
+ if (remainder === 2) {
145067
+ const c0 = decode2(text10.charCodeAt(i));
145068
+ const c1 = decode2(text10.charCodeAt(i + 1));
145069
+ out[outIndex++] = c0 << 2 | c1 >> 4;
145070
+ } else if (remainder === 3) {
145071
+ const c0 = decode2(text10.charCodeAt(i));
145072
+ const c1 = decode2(text10.charCodeAt(i + 1));
145073
+ const c2 = decode2(text10.charCodeAt(i + 2));
145074
+ out[outIndex++] = c0 << 2 | c1 >> 4;
145075
+ out[outIndex++] = (c1 & 15) << 4 | c2 >> 2;
145076
+ }
145077
+ return out;
145078
+ }
145079
+
145080
+ // ../../packages/core/src/mobile-auth/protocol/bytes.ts
145081
+ init_cjs_shims();
145082
+ function bytesToUtf8(bytes) {
145083
+ return new TextDecoder().decode(bytes);
145084
+ }
145085
+
145086
+ // ../../packages/core/src/mobile-auth/aad-validator.ts
145087
+ var DEFAULT_JWKS_TTL_MS = 60 * 60 * 1e3;
145088
+ var DEFAULT_CLOCK_SKEW_SEC = 120;
145089
+ function decodeJsonSegment(segment) {
145090
+ return JSON.parse(bytesToUtf8(fromBase64Url(segment)));
145091
+ }
145092
+ function parseJwt(token) {
145093
+ const parts = token.split(".");
145094
+ if (parts.length !== 3) {
145095
+ return null;
145096
+ }
145097
+ const [headerB64, payloadB64, signatureB64] = parts;
145098
+ try {
145099
+ return {
145100
+ header: decodeJsonSegment(headerB64),
145101
+ payload: decodeJsonSegment(payloadB64),
145102
+ signingInput: `${headerB64}.${payloadB64}`,
145103
+ signature: Buffer.from(fromBase64Url(signatureB64))
145104
+ };
145105
+ } catch {
145106
+ return null;
145107
+ }
145108
+ }
145109
+ async function defaultJwksFetch(tenantId) {
145110
+ const response = await globalThis.fetch(
145111
+ `https://login.microsoftonline.com/${encodeURIComponent(tenantId)}/discovery/v2.0/keys`
145112
+ );
145113
+ if (!response.ok) {
145114
+ throw new Error(`mobile-auth: AAD JWKS fetch failed with status ${response.status}`);
145115
+ }
145116
+ return await response.json();
145117
+ }
145118
+ var MobileAadTokenValidator = class {
145119
+ allowedTenants;
145120
+ audiences;
145121
+ allowedUpns;
145122
+ allowedUpnDomains;
145123
+ jwksFetch;
145124
+ now;
145125
+ clockSkewSec;
145126
+ jwksTtlMs;
145127
+ jwksCache = /* @__PURE__ */ new Map();
145128
+ constructor(config2) {
145129
+ this.allowedTenants = new Set(config2.allowedTenants.map((t) => t.toLowerCase()));
145130
+ this.audiences = new Set(config2.audiences);
145131
+ this.allowedUpns = config2.allowedUpns ? new Set(config2.allowedUpns.map((u) => u.toLowerCase())) : void 0;
145132
+ this.allowedUpnDomains = config2.allowedUpnDomains ? new Set(config2.allowedUpnDomains.map((d) => d.toLowerCase())) : void 0;
145133
+ this.jwksFetch = config2.jwksFetch ?? defaultJwksFetch;
145134
+ this.now = config2.now ?? (() => Date.now());
145135
+ this.clockSkewSec = config2.clockSkewSec ?? DEFAULT_CLOCK_SKEW_SEC;
145136
+ this.jwksTtlMs = config2.jwksTtlMs ?? DEFAULT_JWKS_TTL_MS;
145137
+ }
145138
+ async validate(authorization) {
145139
+ const token = (authorization ?? "").replace(/^Bearer\s+/i, "").trim();
145140
+ if (!token) {
145141
+ return { ok: false, reason: "missing-token" };
145142
+ }
145143
+ const jwt2 = parseJwt(token);
145144
+ if (!jwt2) {
145145
+ return { ok: false, reason: "malformed-token" };
145146
+ }
145147
+ if (jwt2.header.alg !== "RS256" || !jwt2.header.kid) {
145148
+ return { ok: false, reason: "unsupported-alg" };
145149
+ }
145150
+ const tid = typeof jwt2.payload.tid === "string" ? jwt2.payload.tid.toLowerCase() : void 0;
145151
+ if (!tid || !this.allowedTenants.has(tid)) {
145152
+ return { ok: false, reason: "tenant-not-allowed" };
145153
+ }
145154
+ let verified = false;
145155
+ try {
145156
+ verified = await this.verifySignature(tid, jwt2.header.kid, jwt2.signingInput, jwt2.signature);
145157
+ } catch {
145158
+ return { ok: false, reason: "jwks-error" };
145159
+ }
145160
+ if (!verified) {
145161
+ return { ok: false, reason: "bad-signature" };
145162
+ }
145163
+ const nowSec = Math.floor(this.now() / 1e3);
145164
+ const exp = typeof jwt2.payload.exp === "number" ? jwt2.payload.exp : 0;
145165
+ const nbf = typeof jwt2.payload.nbf === "number" ? jwt2.payload.nbf : 0;
145166
+ if (exp + this.clockSkewSec < nowSec) {
145167
+ return { ok: false, reason: "expired" };
145168
+ }
145169
+ if (nbf - this.clockSkewSec > nowSec) {
145170
+ return { ok: false, reason: "not-yet-valid" };
145171
+ }
145172
+ const iss = typeof jwt2.payload.iss === "string" ? jwt2.payload.iss : "";
145173
+ if (iss !== `https://login.microsoftonline.com/${tid}/v2.0` && iss !== `https://sts.windows.net/${tid}/`) {
145174
+ return { ok: false, reason: "bad-issuer" };
145175
+ }
145176
+ const aud = jwt2.payload.aud;
145177
+ const audValues = Array.isArray(aud) ? aud : [aud];
145178
+ if (!audValues.some((value) => typeof value === "string" && this.audiences.has(value))) {
145179
+ return { ok: false, reason: "bad-audience" };
145180
+ }
145181
+ const upnRaw = typeof jwt2.payload.upn === "string" ? jwt2.payload.upn : typeof jwt2.payload.preferred_username === "string" ? jwt2.payload.preferred_username : "";
145182
+ const upn = upnRaw.trim().toLowerCase();
145183
+ if (!upn || !upn.includes("@")) {
145184
+ return { ok: false, reason: "invalid-upn" };
145185
+ }
145186
+ if (this.allowedUpns && !this.allowedUpns.has(upn)) {
145187
+ return { ok: false, reason: "upn-not-allowed" };
145188
+ }
145189
+ if (this.allowedUpnDomains) {
145190
+ const domain2 = upn.slice(upn.indexOf("@") + 1);
145191
+ if (!this.allowedUpnDomains.has(domain2)) {
145192
+ return { ok: false, reason: "upn-domain-not-allowed" };
145193
+ }
145194
+ }
145195
+ return {
145196
+ ok: true,
145197
+ identity: {
145198
+ tenantId: tid,
145199
+ upn,
145200
+ objectId: typeof jwt2.payload.oid === "string" ? jwt2.payload.oid : void 0,
145201
+ name: typeof jwt2.payload.name === "string" ? jwt2.payload.name : void 0
145202
+ }
145203
+ };
145204
+ }
145205
+ async verifySignature(tenantId, kid, signingInput, signature) {
145206
+ let key2 = await this.findKey(tenantId, kid, false);
145207
+ if (!key2) {
145208
+ key2 = await this.findKey(tenantId, kid, true);
145209
+ }
145210
+ if (!key2 || key2.kty !== "RSA" || !key2.n || !key2.e) {
145211
+ return false;
145212
+ }
145213
+ try {
145214
+ const publicKey = crypto4.createPublicKey({ key: { kty: "RSA", n: key2.n, e: key2.e }, format: "jwk" });
145215
+ return crypto4.createVerify("RSA-SHA256").update(signingInput).verify(publicKey, signature);
145216
+ } catch {
145217
+ return false;
145218
+ }
145219
+ }
145220
+ async findKey(tenantId, kid, forceRefresh) {
145221
+ const cached2 = this.jwksCache.get(tenantId);
145222
+ const fresh = cached2 && !forceRefresh && this.now() - cached2.fetchedAt < this.jwksTtlMs;
145223
+ let jwks = fresh ? cached2.jwks : void 0;
145224
+ if (!jwks) {
145225
+ jwks = await this.jwksFetch(tenantId);
145226
+ this.jwksCache.set(tenantId, { jwks, fetchedAt: this.now() });
145227
+ }
145228
+ return jwks.keys.find((entry) => entry.kid === kid);
145229
+ }
145230
+ };
145231
+
145232
+ // ../../packages/core/src/mobile-auth/ingress/index.ts
145233
+ init_cjs_shims();
145234
+
145235
+ // ../../packages/core/src/mobile-auth/ingress/types.ts
145236
+ init_cjs_shims();
145237
+
145238
+ // ../../packages/core/src/mobile-auth/ingress/devtunnel.ts
145239
+ init_cjs_shims();
145240
+
144761
145241
  // ../../packages/api/src/index.ts
144762
145242
  init_cjs_shims();
144763
145243
 
@@ -145342,7 +145822,7 @@ var BatchTaskIdsBody = external_exports.object({
145342
145822
  init_cjs_shims();
145343
145823
  var path32 = __toESM(require("path"), 1);
145344
145824
  var fs27 = __toESM(require("fs"), 1);
145345
- var import_express17 = __toESM(require_express2(), 1);
145825
+ var import_express18 = __toESM(require_express2(), 1);
145346
145826
 
145347
145827
  // ../../packages/api/src/middleware/auth.ts
145348
145828
  init_cjs_shims();
@@ -145433,56 +145913,129 @@ function getAuthLogger(req) {
145433
145913
  function getBearerAuthHeader(req) {
145434
145914
  return req.headers[MESHY_AUTHORIZATION_HEADER] ?? req.headers.authorization;
145435
145915
  }
145436
- function createAuthMiddleware(config2) {
145437
- return (req, _res, next2) => {
145438
- const log2 = getAuthLogger(req);
145439
- if (SKIP_AUTH_PATHS.includes(req.path)) {
145440
- next2();
145916
+ function isPromiseLike(value) {
145917
+ return Boolean(value && typeof value.then === "function");
145918
+ }
145919
+ function isMobileBearerAllowed(req, config2) {
145920
+ return config2.allowMobileBearerAuth?.(req) === true;
145921
+ }
145922
+ function validateApiKey(req, config2) {
145923
+ if (!config2.apiKey) {
145924
+ return;
145925
+ }
145926
+ const provided = req.headers["x-api-key"];
145927
+ if (!provided || provided !== config2.apiKey) {
145928
+ throw new MeshyError("VALIDATION_ERROR", "Invalid or missing API key", 401);
145929
+ }
145930
+ }
145931
+ function rejectBearerRequest(req, log2, reason) {
145932
+ log2.warn("rejected bearer-authenticated request", {
145933
+ path: req.path,
145934
+ method: req.method,
145935
+ hosts: getRequestHosts(req),
145936
+ reason
145937
+ });
145938
+ throw new MeshyError("VALIDATION_ERROR", "Invalid or missing bearer token", 401, { reason });
145939
+ }
145940
+ function logAcceptedBearer(req, log2, message, reason) {
145941
+ log2.debug(message, {
145942
+ path: req.path,
145943
+ method: req.method,
145944
+ hosts: getRequestHosts(req),
145945
+ reason
145946
+ });
145947
+ }
145948
+ async function validateMobileBearer(header, config2) {
145949
+ if (!config2.validateMobileBearerToken) {
145950
+ return { ok: false, reason: "mobile-auth-unavailable" };
145951
+ }
145952
+ try {
145953
+ return await config2.validateMobileBearerToken(header);
145954
+ } catch {
145955
+ return { ok: false, reason: "mobile-auth-error" };
145956
+ }
145957
+ }
145958
+ function authenticateBearerRequest(req, config2, log2) {
145959
+ if (config2.allowTrustedHostBypass !== false && isTrustedDashboardRequest(req, config2)) {
145960
+ log2.debug("skipping bearer auth for trusted dashboard request", {
145961
+ path: req.path,
145962
+ method: req.method,
145963
+ hosts: getRequestHosts(req)
145964
+ });
145965
+ return;
145966
+ }
145967
+ const header = getBearerAuthHeader(req);
145968
+ const nodeBearer = config2.validateBearerToken(header);
145969
+ if (nodeBearer.ok) {
145970
+ logAcceptedBearer(req, log2, "accepted bearer-authenticated request", nodeBearer.reason);
145971
+ return;
145972
+ }
145973
+ if (!isMobileBearerAllowed(req, config2)) {
145974
+ rejectBearerRequest(req, log2, nodeBearer.reason);
145975
+ }
145976
+ return validateMobileBearer(header, config2).then((mobileBearer) => {
145977
+ if (mobileBearer.ok) {
145978
+ logAcceptedBearer(req, log2, "accepted mobile bearer-authenticated request", mobileBearer.reason);
145441
145979
  return;
145442
145980
  }
145443
- if (config2.validateBearerToken) {
145444
- if (config2.allowTrustedHostBypass !== false && isTrustedDashboardRequest(req, config2)) {
145445
- log2.debug("skipping bearer auth for trusted dashboard request", {
145446
- path: req.path,
145447
- method: req.method,
145448
- hosts: getRequestHosts(req)
145449
- });
145450
- next2();
145451
- return;
145452
- }
145453
- const result = config2.validateBearerToken(getBearerAuthHeader(req));
145454
- if (!result.ok) {
145455
- log2.warn("rejected bearer-authenticated request", {
145456
- path: req.path,
145457
- method: req.method,
145458
- hosts: getRequestHosts(req),
145459
- reason: result.reason
145460
- });
145461
- throw new MeshyError("VALIDATION_ERROR", "Invalid or missing bearer token", 401, {
145462
- reason: result.reason
145463
- });
145464
- }
145465
- log2.debug("accepted bearer-authenticated request", {
145466
- path: req.path,
145467
- method: req.method,
145468
- hosts: getRequestHosts(req),
145469
- reason: result.reason
145470
- });
145471
- next2();
145981
+ rejectBearerRequest(req, log2, `node:${nodeBearer.reason}; mobile:${mobileBearer.reason}`);
145982
+ });
145983
+ }
145984
+ function authenticateMobileOrApiKeyRequest(req, config2, log2) {
145985
+ return validateMobileBearer(getBearerAuthHeader(req), config2).then((mobileBearer) => {
145986
+ if (mobileBearer.ok) {
145987
+ logAcceptedBearer(req, log2, "accepted mobile bearer-authenticated request", mobileBearer.reason);
145472
145988
  return;
145473
145989
  }
145474
- if (!config2.apiKey) {
145475
- next2();
145990
+ validateApiKey(req, config2);
145991
+ });
145992
+ }
145993
+ function authenticateRequest(req, config2) {
145994
+ if (SKIP_AUTH_PATHS.includes(req.path)) {
145995
+ return;
145996
+ }
145997
+ const log2 = getAuthLogger(req);
145998
+ if (config2.validateBearerToken) {
145999
+ return authenticateBearerRequest(req, config2, log2);
146000
+ }
146001
+ if (config2.validateMobileBearerToken && isMobileBearerAllowed(req, config2)) {
146002
+ return authenticateMobileOrApiKeyRequest(req, config2, log2);
146003
+ }
146004
+ validateApiKey(req, config2);
146005
+ }
146006
+ function createAuthMiddleware(config2) {
146007
+ return (req, _res, next2) => {
146008
+ const result = authenticateRequest(req, config2);
146009
+ if (isPromiseLike(result)) {
146010
+ void result.then(() => next2(), next2);
145476
146011
  return;
145477
146012
  }
145478
- const provided = req.headers["x-api-key"];
145479
- if (!provided || provided !== config2.apiKey) {
145480
- throw new MeshyError("VALIDATION_ERROR", "Invalid or missing API key", 401);
145481
- }
145482
146013
  next2();
145483
146014
  };
145484
146015
  }
145485
146016
 
146017
+ // ../../packages/api/src/middleware/mobile-paths.ts
146018
+ init_cjs_shims();
146019
+ var MOBILE_PAIRING_CONSUME_PATH = /^\/api\/mobile\/pairings\/[^/]+\/consume$/;
146020
+ var MOBILE_REST_PATH_PREFIXES = [
146021
+ "/api/system/",
146022
+ "/api/cluster/",
146023
+ "/api/nodes",
146024
+ "/api/node-operations",
146025
+ "/api/tasks",
146026
+ "/api/events",
146027
+ "/api/shared"
146028
+ ];
146029
+ function isMobileBearerAuthPath(pathname) {
146030
+ if (MOBILE_PAIRING_CONSUME_PATH.test(pathname)) {
146031
+ return true;
146032
+ }
146033
+ if (pathname === "/api/mobile" || pathname.startsWith("/api/mobile/")) {
146034
+ return false;
146035
+ }
146036
+ return MOBILE_REST_PATH_PREFIXES.some((prefix) => pathname === prefix || pathname.startsWith(prefix));
146037
+ }
146038
+
145486
146039
  // ../../packages/api/src/middleware/routing.ts
145487
146040
  init_cjs_shims();
145488
146041
  function isRoutingMiddlewareDeps(input) {
@@ -147386,6 +147939,42 @@ function buildNodeSettingsSnapshot(options) {
147386
147939
  packages: runtimeMetadata?.packages ?? {}
147387
147940
  };
147388
147941
  }
147942
+ function buildSystemInfo(deps) {
147943
+ const self2 = deps.nodeRegistry.getSelf();
147944
+ const auth = deps.config.authMetadata ?? {
147945
+ enabled: false,
147946
+ allowSameTenant: false,
147947
+ allowedUsers: []
147948
+ };
147949
+ const settingsSnapshot = buildNodeSettingsSnapshot({
147950
+ auth,
147951
+ inspectRuntimeTools: deps.inspectRuntimeTools,
147952
+ localDashboardOrigin: deps.localDashboardOrigin,
147953
+ runtimeMetadata: deps.runtimeMetadata,
147954
+ runtimeUpdate: deps.getRuntimeUpdate?.() ?? deps.runtimeUpdate,
147955
+ storagePath: deps.storagePath,
147956
+ workDir: self2.workDir
147957
+ });
147958
+ return {
147959
+ ...self2,
147960
+ nodeId: self2.id,
147961
+ version: settingsSnapshot.version,
147962
+ packageName: settingsSnapshot.packageName,
147963
+ uptime: settingsSnapshot.uptime,
147964
+ transportType: deps.getTransportType?.() ?? "direct",
147965
+ dashboardOrigin: deps.dashboardOrigin ?? self2.dashboardOrigin,
147966
+ localDashboardOrigin: deps.localDashboardOrigin,
147967
+ auth: settingsSnapshot.auth,
147968
+ os: settingsSnapshot.os,
147969
+ runtime: settingsSnapshot.runtime,
147970
+ runtimeUpdate: settingsSnapshot.runtimeUpdate,
147971
+ agents: settingsSnapshot.agents,
147972
+ startupRequirements: settingsSnapshot.startupRequirements,
147973
+ components: settingsSnapshot.components,
147974
+ repository: settingsSnapshot.repository,
147975
+ packages: settingsSnapshot.packages
147976
+ };
147977
+ }
147389
147978
 
147390
147979
  // ../../packages/api/src/node/agent-upgrade-service.ts
147391
147980
  var AGENT_PACKAGES = {
@@ -147888,22 +148477,22 @@ var InMemoryNodeOperationStore = class {
147888
148477
  operations = /* @__PURE__ */ new Map();
147889
148478
  get(id) {
147890
148479
  const operation = this.operations.get(id);
147891
- return operation ? clone3(operation) : null;
148480
+ return operation ? clone4(operation) : null;
147892
148481
  }
147893
148482
  list(filter = {}) {
147894
- return Array.from(this.operations.values()).filter((operation) => matchesFilter(operation, filter)).sort((a, b) => b.createdAt - a.createdAt).map((operation) => clone3(operation));
148483
+ return Array.from(this.operations.values()).filter((operation) => matchesFilter(operation, filter)).sort((a, b) => b.createdAt - a.createdAt).map((operation) => clone4(operation));
147895
148484
  }
147896
148485
  upsert(operation) {
147897
- const copy = clone3(operation);
148486
+ const copy = clone4(operation);
147898
148487
  this.operations.set(copy.id, copy);
147899
- return clone3(copy);
148488
+ return clone4(copy);
147900
148489
  }
147901
148490
  update(id, updates) {
147902
148491
  const current = this.operations.get(id);
147903
148492
  if (!current) return null;
147904
- const next2 = { ...current, ...clone3(updates), id, createdAt: current.createdAt };
148493
+ const next2 = { ...current, ...clone4(updates), id, createdAt: current.createdAt };
147905
148494
  this.operations.set(id, next2);
147906
- return clone3(next2);
148495
+ return clone4(next2);
147907
148496
  }
147908
148497
  };
147909
148498
  var NodeOperationService = class {
@@ -148284,7 +148873,7 @@ function matchesFilter(operation, filter) {
148284
148873
  function isTerminalStatus(status) {
148285
148874
  return status === "succeeded" || status === "failed";
148286
148875
  }
148287
- function clone3(value) {
148876
+ function clone4(value) {
148288
148877
  return JSON.parse(JSON.stringify(value));
148289
148878
  }
148290
148879
 
@@ -148965,7 +149554,7 @@ init_cjs_shims();
148965
149554
 
148966
149555
  // ../../packages/api/src/preview/preview-server.ts
148967
149556
  init_cjs_shims();
148968
- var crypto4 = __toESM(require("crypto"), 1);
149557
+ var crypto5 = __toESM(require("crypto"), 1);
148969
149558
  var fs23 = __toESM(require("fs"), 1);
148970
149559
  var path28 = __toESM(require("path"), 1);
148971
149560
  var http2 = __toESM(require("http"), 1);
@@ -159449,15 +160038,15 @@ function doctype2(node2, state3) {
159449
160038
  }
159450
160039
  function stitch(node2, state3) {
159451
160040
  state3.stitches = true;
159452
- const clone4 = cloneWithoutChildren(node2);
159453
- if ("children" in node2 && "children" in clone4) {
160041
+ const clone5 = cloneWithoutChildren(node2);
160042
+ if ("children" in node2 && "children" in clone5) {
159454
160043
  const fakeRoot = (
159455
160044
  /** @type {Root} */
159456
160045
  raw({ type: "root", children: node2.children }, state3.options)
159457
160046
  );
159458
- clone4.children = fakeRoot.children;
160047
+ clone5.children = fakeRoot.children;
159459
160048
  }
159460
- comment2({ type: "comment", value: { stitch: clone4 } }, state3);
160049
+ comment2({ type: "comment", value: { stitch: clone5 } }, state3);
159461
160050
  }
159462
160051
  function comment2(node2, state3) {
159463
160052
  const data = node2.value;
@@ -172266,7 +172855,7 @@ var import_extend = __toESM(require_extend(), 1);
172266
172855
 
172267
172856
  // ../../node_modules/.pnpm/is-plain-obj@4.1.0/node_modules/is-plain-obj/index.js
172268
172857
  init_cjs_shims();
172269
- function isPlainObject4(value) {
172858
+ function isPlainObject5(value) {
172270
172859
  if (typeof value !== "object" || value === null) {
172271
172860
  return false;
172272
172861
  }
@@ -173596,7 +174185,7 @@ var Processor = class _Processor extends CallableInstance {
173596
174185
  } else if (parameters2.length > 0) {
173597
174186
  let [primary, ...rest] = parameters2;
173598
174187
  const currentPrimary = attachers[entryIndex][1];
173599
- if (isPlainObject4(currentPrimary) && isPlainObject4(primary)) {
174188
+ if (isPlainObject5(currentPrimary) && isPlainObject5(primary)) {
173600
174189
  primary = (0, import_extend.default)(true, currentPrimary, primary);
173601
174190
  }
173602
174191
  attachers[entryIndex] = [plugin, primary, ...rest];
@@ -173623,7 +174212,7 @@ function assertUnfrozen(name2, frozen) {
173623
174212
  }
173624
174213
  }
173625
174214
  function assertNode(node2) {
173626
- if (!isPlainObject4(node2) || typeof node2.type !== "string") {
174215
+ if (!isPlainObject5(node2) || typeof node2.type !== "string") {
173627
174216
  throw new TypeError("Expected node, got `" + node2 + "`");
173628
174217
  }
173629
174218
  }
@@ -173799,12 +174388,12 @@ function buildPreviewRouteUrl(origin, route, session) {
173799
174388
  const suffix = encodedEntryPath.length > 0 ? `/${encodedEntryPath}` : session.kind === "service" ? "/" : "";
173800
174389
  return `${origin.replace(/\/+$/, "")}/${route}/${session.token}${suffix}`;
173801
174390
  }
173802
- var DEFAULT_TTL_MS = 15 * 60 * 1e3;
174391
+ var DEFAULT_TTL_MS2 = 15 * 60 * 1e3;
173803
174392
  var PreviewSessionManager = class {
173804
174393
  sessions = /* @__PURE__ */ new Map();
173805
174394
  create(options) {
173806
- const token = crypto4.randomBytes(32).toString("hex");
173807
- const expiresAt = Date.now() + (options.ttlMs ?? DEFAULT_TTL_MS);
174395
+ const token = crypto5.randomBytes(32).toString("hex");
174396
+ const expiresAt = Date.now() + (options.ttlMs ?? DEFAULT_TTL_MS2);
173808
174397
  if (options.port !== void 0) {
173809
174398
  const session2 = {
173810
174399
  token,
@@ -176705,7 +177294,10 @@ async function sendTaskFollowUpMessage(deps, task, content3, metadata) {
176705
177294
  });
176706
177295
  try {
176707
177296
  const client = new NodeMessageClient({ heartbeat: deps.heartbeat, logger: deps.logger });
176708
- const delivery = await client.send(node2, createNodeMessage("task.message", { taskId: task.id, content: content3 }));
177297
+ const delivery = await client.send(node2, createNodeMessage("task.message", {
177298
+ taskId: task.id,
177299
+ content: content3
177300
+ }));
176709
177301
  return delivery.queued ? { queued: true } : {};
176710
177302
  } catch (err) {
176711
177303
  restoreTaskState(deps.taskEngine, task);
@@ -176737,6 +177329,18 @@ function queueRunningTaskMessage(deps, task, content3) {
176737
177329
  });
176738
177330
  return queued;
176739
177331
  }
177332
+ var MESSAGEABLE_STATUSES = /* @__PURE__ */ new Set(["running", "completed", "cancelled", "failed"]);
177333
+ async function applyTaskMessage(deps, task, content3) {
177334
+ if (!MESSAGEABLE_STATUSES.has(task.status)) {
177335
+ throw new MeshyError("VALIDATION_ERROR", `Cannot send message to task in ${task.status} status`, 400);
177336
+ }
177337
+ if (task.status === "running") {
177338
+ const queued = queueRunningTaskMessage(deps, task, content3);
177339
+ return { ok: true, queued: true, queuedMessages: queued.queuedMessages ?? [] };
177340
+ }
177341
+ const result = await sendTaskFollowUpMessage(deps, task, content3);
177342
+ return result.queued ? { ok: true, queued: true } : { ok: true };
177343
+ }
176740
177344
  function cancelQueuedTaskMessage(deps, taskId, messageId) {
176741
177345
  const task = deps.taskEngine.removeQueuedTaskMessage(taskId, messageId);
176742
177346
  if (!task) {
@@ -177242,6 +177846,10 @@ var ACTIVE_STATUSES = /* @__PURE__ */ new Set(["pending", "assigned", "running"]
177242
177846
  var TASK_DELETE_NOTIFY_TIMEOUT_MS = 1500;
177243
177847
  var TASK_DETAIL_PROXY_TIMEOUT_MS = 1e4;
177244
177848
  var TASK_DETAIL_PROXY_HEADER = "x-meshy-task-detail-proxy";
177849
+ var DEFAULT_TASK_TITLE_GENERATION_MODEL = "gpt-5.4-mini";
177850
+ function getTaskTitleGenerationModel(agent) {
177851
+ return agent === "claudecode" ? void 0 : DEFAULT_TASK_TITLE_GENERATION_MODEL;
177852
+ }
177245
177853
  function shouldGenerateTitle(task) {
177246
177854
  return task.payload.titleSource === "derived";
177247
177855
  }
@@ -177267,6 +177875,7 @@ function scheduleTitleGeneration(deps, task) {
177267
177875
  }
177268
177876
  const prompt = getTitlePrompt(task);
177269
177877
  const cwd = deps.workDir;
177878
+ const model = getTaskTitleGenerationModel(task.agent);
177270
177879
  log2.info("generating task title", {
177271
177880
  taskId: task.id,
177272
177881
  agent: task.agent,
@@ -177279,7 +177888,8 @@ function scheduleTitleGeneration(deps, task) {
177279
177888
  existingTitle: task.title
177280
177889
  }, {
177281
177890
  agent: task.agent,
177282
- cwd
177891
+ cwd,
177892
+ ...model ? { model } : {}
177283
177893
  }).then(({ title }) => {
177284
177894
  const current = deps.taskEngine.getTask(task.id);
177285
177895
  if (!current) {
@@ -177752,22 +178362,11 @@ function createTaskRoutes() {
177752
178362
  if (!task) {
177753
178363
  throw new MeshyError("TASK_NOT_FOUND", `Task ${taskId} not found`, 404);
177754
178364
  }
177755
- if (!["running", "completed", "cancelled", "failed"].includes(task.status)) {
177756
- throw new MeshyError("VALIDATION_ERROR", `Cannot send message to task in ${task.status} status`, 400);
177757
- }
177758
- if (task.status === "running") {
177759
- const queued = queueRunningTaskMessage({ taskEngine, logger: rootLogger }, task, body3.content);
177760
- res.json({ ok: true, queued: true, queuedMessages: queued.queuedMessages ?? [] });
177761
- return;
177762
- }
177763
- const result = await sendTaskFollowUpMessage({
177764
- taskEngine,
177765
- engineRegistry,
177766
- nodeRegistry,
177767
- heartbeat,
177768
- logger: rootLogger
177769
- }, task, body3.content);
177770
- res.json(result.queued ? { ok: true, queued: true } : { ok: true });
178365
+ res.json(await applyTaskMessage(
178366
+ { taskEngine, engineRegistry, nodeRegistry, heartbeat, logger: rootLogger },
178367
+ task,
178368
+ body3.content
178369
+ ));
177771
178370
  }));
177772
178371
  router.use(createTaskOutputRoutes());
177773
178372
  return router;
@@ -178266,52 +178865,7 @@ function createSystemRoutes() {
178266
178865
  res.json({ status: "ok", timestamp: Date.now(), pid: process.pid });
178267
178866
  }));
178268
178867
  router.get("/info", asyncHandler11(async (req, res) => {
178269
- const {
178270
- nodeRegistry,
178271
- getTransportType,
178272
- config: config2,
178273
- dashboardOrigin,
178274
- localDashboardOrigin,
178275
- storagePath,
178276
- inspectRuntimeTools: inspectTools,
178277
- runtimeMetadata,
178278
- getRuntimeUpdate,
178279
- runtimeUpdate
178280
- } = req.app.locals.deps;
178281
- const self2 = nodeRegistry.getSelf();
178282
- const auth = config2.authMetadata ?? {
178283
- enabled: false,
178284
- allowSameTenant: false,
178285
- allowedUsers: []
178286
- };
178287
- const settingsSnapshot = buildNodeSettingsSnapshot({
178288
- auth,
178289
- inspectRuntimeTools: inspectTools,
178290
- localDashboardOrigin,
178291
- runtimeMetadata,
178292
- runtimeUpdate: getRuntimeUpdate?.() ?? runtimeUpdate,
178293
- storagePath,
178294
- workDir: self2.workDir
178295
- });
178296
- res.json({
178297
- ...self2,
178298
- nodeId: self2.id,
178299
- version: settingsSnapshot.version,
178300
- packageName: settingsSnapshot.packageName,
178301
- uptime: settingsSnapshot.uptime,
178302
- transportType: getTransportType?.() ?? "direct",
178303
- dashboardOrigin: dashboardOrigin ?? self2.dashboardOrigin,
178304
- localDashboardOrigin,
178305
- auth: settingsSnapshot.auth,
178306
- os: settingsSnapshot.os,
178307
- runtime: settingsSnapshot.runtime,
178308
- runtimeUpdate: settingsSnapshot.runtimeUpdate,
178309
- agents: settingsSnapshot.agents,
178310
- startupRequirements: settingsSnapshot.startupRequirements,
178311
- components: settingsSnapshot.components,
178312
- repository: settingsSnapshot.repository,
178313
- packages: settingsSnapshot.packages
178314
- });
178868
+ res.json(buildSystemInfo(req.app.locals.deps));
178315
178869
  }));
178316
178870
  router.post("/runtime/restart", asyncHandler11(async (req, res) => {
178317
178871
  const { restartRuntime } = req.app.locals.deps;
@@ -178507,9 +179061,120 @@ function createNodeOperationRoutes() {
178507
179061
  return router;
178508
179062
  }
178509
179063
 
178510
- // ../../packages/api/src/routes/telemetry.ts
179064
+ // ../../packages/api/src/routes/mobile.ts
178511
179065
  init_cjs_shims();
178512
179066
  var import_express16 = __toESM(require_express2(), 1);
179067
+ function asyncHandler13(fn) {
179068
+ return (req, res, next2) => {
179069
+ fn(req, res, next2).catch((error2) => {
179070
+ if (error2 instanceof MobilePairingInvitationError) {
179071
+ res.status(error2.statusCode).json({ error: { code: error2.code, message: error2.message } });
179072
+ return;
179073
+ }
179074
+ next2(error2);
179075
+ });
179076
+ };
179077
+ }
179078
+ function getService(req) {
179079
+ const service = req.app.locals.deps.mobilePairingInvitations;
179080
+ if (!service) {
179081
+ throw new MeshyError("VALIDATION_ERROR", "mobile pairing is not enabled on this node", 404);
179082
+ }
179083
+ return service;
179084
+ }
179085
+ async function requireMobileAadIdentity(req) {
179086
+ const validator = req.app.locals.deps.mobileAadValidator;
179087
+ if (!validator) {
179088
+ throw new MeshyError("VALIDATION_ERROR", "mobile AAD auth is not enabled on this node", 401);
179089
+ }
179090
+ const result = await validator.validate(req.headers.authorization);
179091
+ if (!result.ok) {
179092
+ throw new MeshyError("VALIDATION_ERROR", `mobile AAD auth failed: ${result.reason}`, 401);
179093
+ }
179094
+ return result.identity;
179095
+ }
179096
+ function getSourceAddress(req) {
179097
+ const forwarded = req.headers["x-forwarded-for"];
179098
+ if (typeof forwarded === "string" && forwarded.length > 0) {
179099
+ return forwarded.split(",")[0]?.trim();
179100
+ }
179101
+ return req.ip ?? void 0;
179102
+ }
179103
+ function optionalString(value) {
179104
+ return typeof value === "string" && value.trim().length > 0 ? value.trim() : void 0;
179105
+ }
179106
+ function optionalPositiveInteger(value) {
179107
+ return typeof value === "number" && Number.isFinite(value) && value > 0 ? Math.floor(value) : void 0;
179108
+ }
179109
+ function createMobileRoutes() {
179110
+ const router = (0, import_express16.Router)();
179111
+ router.post(
179112
+ "/pairings",
179113
+ asyncHandler13(async (req, res) => {
179114
+ const body3 = req.body ?? {};
179115
+ const created = getService(req).createInvitation({
179116
+ ttlMs: optionalPositiveInteger(body3.ttlMs),
179117
+ maxUses: optionalPositiveInteger(body3.maxUses),
179118
+ createdBy: optionalString(body3.createdBy) ?? "local-node-user"
179119
+ });
179120
+ res.status(201).json(created);
179121
+ })
179122
+ );
179123
+ router.get(
179124
+ "/pairings",
179125
+ asyncHandler13(async (req, res) => {
179126
+ res.json({ pairings: getService(req).listInvitations() });
179127
+ })
179128
+ );
179129
+ router.get(
179130
+ "/pairings/:pairingId",
179131
+ asyncHandler13(async (req, res) => {
179132
+ const invitation = getService(req).getInvitation(req.params.pairingId);
179133
+ if (!invitation) {
179134
+ throw new MeshyError("VALIDATION_ERROR", "unknown pairing invitation", 404);
179135
+ }
179136
+ res.json({ invitation });
179137
+ })
179138
+ );
179139
+ router.delete(
179140
+ "/pairings/:pairingId",
179141
+ asyncHandler13(async (req, res) => {
179142
+ res.json({ cancelled: getService(req).cancelInvitation(req.params.pairingId) });
179143
+ })
179144
+ );
179145
+ router.post(
179146
+ "/pairings/:pairingId/consume",
179147
+ asyncHandler13(async (req, res) => {
179148
+ const identity2 = await requireMobileAadIdentity(req);
179149
+ const body3 = req.body ?? {};
179150
+ const connection = getService(req).consumeInvitation(req.params.pairingId, {
179151
+ identity: { tenantId: identity2.tenantId, upn: identity2.upn, objectId: identity2.objectId },
179152
+ deviceName: optionalString(body3.deviceName),
179153
+ platform: optionalString(body3.platform),
179154
+ appVersion: optionalString(body3.appVersion),
179155
+ sourceAddress: getSourceAddress(req)
179156
+ });
179157
+ res.json(connection);
179158
+ })
179159
+ );
179160
+ router.get(
179161
+ "/connections",
179162
+ asyncHandler13(async (req, res) => {
179163
+ res.json({ connections: getService(req).listConnections() });
179164
+ })
179165
+ );
179166
+ router.delete(
179167
+ "/connections/:connectionId",
179168
+ asyncHandler13(async (req, res) => {
179169
+ res.json({ revoked: getService(req).revokeConnection(req.params.connectionId) });
179170
+ })
179171
+ );
179172
+ return router;
179173
+ }
179174
+
179175
+ // ../../packages/api/src/routes/telemetry.ts
179176
+ init_cjs_shims();
179177
+ var import_express17 = __toESM(require_express2(), 1);
178513
179178
  var FRONTEND_EVENT_NAMES = /* @__PURE__ */ new Set([
178514
179179
  "feature.settings.opened",
178515
179180
  "feature.preview.created",
@@ -178565,7 +179230,7 @@ var frontendTelemetryEventSchema = external_exports.object({
178565
179230
  }
178566
179231
  });
178567
179232
  function createTelemetryRoutes() {
178568
- const router = (0, import_express16.Router)();
179233
+ const router = (0, import_express17.Router)();
178569
179234
  router.post("/events", (req, res, next2) => {
178570
179235
  try {
178571
179236
  const body3 = frontendTelemetryEventSchema.parse(req.body);
@@ -178610,7 +179275,7 @@ function isSuppressedRequestTelemetryRoute(req) {
178610
179275
  return REQUEST_TELEMETRY_SUPPRESSED_ROUTES.has(key2);
178611
179276
  }
178612
179277
  function usesLargeJsonBodyLimit(pathname) {
178613
- return pathname === "/api/cluster/join" || pathname === "/api/node" || pathname.startsWith("/api/node/") || pathname === "/api/tasks" || pathname.startsWith("/api/tasks/") || pathname === "/api/worker" || pathname.startsWith("/api/worker/");
179278
+ return pathname === "/api/cluster/join" || pathname === "/api/node" || pathname.startsWith("/api/node/") || pathname === "/api/tasks" || pathname.startsWith("/api/tasks/") || pathname === "/api/worker" || pathname.startsWith("/api/worker/") || pathname.startsWith("/api/mobile/");
178614
179279
  }
178615
179280
  function usesCapabilityJsonBodyLimit(pathname) {
178616
179281
  return pathname === "/api/capabilities/share" || pathname === "/api/capabilities/conflict-check" || pathname === "/api/node" || pathname.startsWith("/api/node/");
@@ -178737,7 +179402,7 @@ function resolveStaticDir(baseDir) {
178737
179402
  return null;
178738
179403
  }
178739
179404
  function createServer2(deps) {
178740
- const app = (0, import_express17.default)();
179405
+ const app = (0, import_express18.default)();
178741
179406
  app.locals.deps = deps;
178742
179407
  registerTaskMessageQueueDrainer(deps);
178743
179408
  if (typeof deps.heartbeat.setNodeMessageHandler === "function") {
@@ -178747,6 +179412,12 @@ function createServer2(deps) {
178747
179412
  const authConfig = {
178748
179413
  apiKey: deps.config.apiKey,
178749
179414
  validateBearerToken: deps.config.validateBearerToken,
179415
+ validateMobileBearerToken: deps.mobileAadValidator ? async (header) => {
179416
+ const value = Array.isArray(header) ? header[0] : header;
179417
+ const result = await deps.mobileAadValidator.validate(value);
179418
+ return result.ok ? { ok: true, reason: "mobile-aad", identity: result.identity } : { ok: false, reason: result.reason };
179419
+ } : void 0,
179420
+ allowMobileBearerAuth: (req) => isMobileBearerAuthPath(req.path),
178750
179421
  getTrustedHosts: () => {
178751
179422
  const trustedHosts = [];
178752
179423
  if (deps.dashboardOrigin) {
@@ -178800,7 +179471,7 @@ function createServer2(deps) {
178800
179471
  const runtimeBaseDir = resolveRuntimeBaseDir();
178801
179472
  const staticDir = resolveStaticDir(runtimeBaseDir);
178802
179473
  if (staticDir) {
178803
- const staticMiddleware = import_express17.default.static(staticDir);
179474
+ const staticMiddleware = import_express18.default.static(staticDir);
178804
179475
  app.use((req, res, next2) => {
178805
179476
  if (isApiRequest(req) || isPreviewRequest(req)) {
178806
179477
  next2();
@@ -178813,9 +179484,9 @@ function createServer2(deps) {
178813
179484
  staticMiddleware(req, res, next2);
178814
179485
  });
178815
179486
  }
178816
- const defaultJsonParser = import_express17.default.json({ limit: JSON_BODY_LIMIT });
178817
- const largeJsonParser = import_express17.default.json({ limit: JSON_BODY_LIMIT_LARGE });
178818
- const capabilityJsonParser = import_express17.default.json({ limit: JSON_BODY_LIMIT_CAPABILITIES });
179487
+ const defaultJsonParser = import_express18.default.json({ limit: JSON_BODY_LIMIT });
179488
+ const largeJsonParser = import_express18.default.json({ limit: JSON_BODY_LIMIT_LARGE });
179489
+ const capabilityJsonParser = import_express18.default.json({ limit: JSON_BODY_LIMIT_CAPABILITIES });
178819
179490
  app.use((req, res, next2) => {
178820
179491
  const parser = usesCapabilityJsonBodyLimit(req.path) ? capabilityJsonParser : usesLargeJsonBodyLimit(req.path) ? largeJsonParser : defaultJsonParser;
178821
179492
  parser(req, res, next2);
@@ -178856,6 +179527,7 @@ function createServer2(deps) {
178856
179527
  app.use("/api/worker", createWorkerRoutes());
178857
179528
  app.use("/api/system", createSystemRoutes());
178858
179529
  app.use("/api/node-operations", createNodeOperationRoutes());
179530
+ app.use("/api/mobile", createMobileRoutes());
178859
179531
  app.use("/api/telemetry", createTelemetryRoutes());
178860
179532
  app.use("/api/events", createEventRoutes());
178861
179533
  if (staticDir) {
@@ -180521,6 +181193,15 @@ init_cjs_shims();
180521
181193
  // ../../packages/client-sdk/src/types.ts
180522
181194
  init_cjs_shims();
180523
181195
 
181196
+ // ../../packages/client-sdk/src/mobile/index.ts
181197
+ init_cjs_shims();
181198
+
181199
+ // ../../packages/client-sdk/src/mobile/protocol/index.ts
181200
+ init_cjs_shims();
181201
+
181202
+ // ../../packages/client-sdk/src/mobile/protocol/qr.ts
181203
+ init_cjs_shims();
181204
+
180524
181205
  // src/bootstrap/mobile-connection-qr.ts
180525
181206
  var require2 = (0, import_node_module.createRequire)(importMetaUrl);
180526
181207
  function printMobileConnectionQrs(writer, options) {
@@ -180579,6 +181260,71 @@ function isDevTunnelOrigin(value) {
180579
181260
  }
180580
181261
  }
180581
181262
 
181263
+ // src/bootstrap/mobile-pairing.ts
181264
+ init_cjs_shims();
181265
+ var import_node_module2 = require("module");
181266
+ function setupMobilePairing(options) {
181267
+ const service = new MobilePairingInvitationService({
181268
+ nodeId: options.nodeId,
181269
+ nodeName: options.nodeName,
181270
+ getApiBaseUrl: options.getEndpoint,
181271
+ aad: options.aad,
181272
+ audit: createLoggerAuditRecorder(options.logger)
181273
+ });
181274
+ const validator = new MobileAadTokenValidator(options.aadValidation);
181275
+ options.logger.child("mobile-auth").info("mobile pairing invitations enabled", {
181276
+ allowedTenants: options.aadValidation.allowedTenants
181277
+ });
181278
+ return {
181279
+ service,
181280
+ validator,
181281
+ getEndpoint: options.getEndpoint,
181282
+ nodeId: options.nodeId,
181283
+ nodeName: options.nodeName
181284
+ };
181285
+ }
181286
+ function renderQrCode2(payload) {
181287
+ try {
181288
+ const localRequire = (0, import_node_module2.createRequire)(importMetaUrl);
181289
+ const qrcodeTerminal = localRequire("qrcode-terminal");
181290
+ let rendered = null;
181291
+ qrcodeTerminal.generate(payload, { small: true }, (output) => {
181292
+ rendered = output;
181293
+ });
181294
+ return rendered;
181295
+ } catch {
181296
+ return null;
181297
+ }
181298
+ }
181299
+ function isHttpsOrigin(value) {
181300
+ if (!value) return false;
181301
+ try {
181302
+ return new URL(value).protocol === "https:";
181303
+ } catch {
181304
+ return false;
181305
+ }
181306
+ }
181307
+ function printMobilePairingQr(writer, pairing) {
181308
+ const endpoint = pairing.getEndpoint();
181309
+ if (!isHttpsOrigin(endpoint)) {
181310
+ writer.line("");
181311
+ writer.line("Mobile Pairing: waiting for an https endpoint (DevTunnel). Pairing QR is unavailable on local http origins.");
181312
+ return null;
181313
+ }
181314
+ const created = pairing.service.createInvitation({ createdBy: "node-startup" });
181315
+ const serialized = serializePairingQrPayload(created.qr);
181316
+ const qr = renderQrCode2(serialized);
181317
+ writer.line("");
181318
+ writer.line(`Mobile Pairing QR (scan in the Meshy app, expires ${created.invitation.expiresAt}, max uses ${created.invitation.maxUses}):`);
181319
+ if (qr) {
181320
+ writer.line(qr);
181321
+ } else {
181322
+ writer.line(serialized);
181323
+ }
181324
+ writer.line("The phone will sign in with AAD and then use the existing REST API with a bearer token.");
181325
+ return created.qr;
181326
+ }
181327
+
180582
181328
  // src/bootstrap/runtime-restart.ts
180583
181329
  init_cjs_shims();
180584
181330
  var fs32 = __toESM(require("fs"), 1);
@@ -182231,12 +182977,12 @@ var import_node_path5 = __toESM(require("path"), 1);
182231
182977
 
182232
182978
  // ../../node_modules/.pnpm/@azure+monitor-opentelemetry@1.18.1/node_modules/@azure/monitor-opentelemetry/dist/esm/shared/module.js
182233
182979
  init_cjs_shims();
182234
- var import_node_module2 = require("module");
182980
+ var import_node_module3 = require("module");
182235
182981
  var import_node_path4 = require("path");
182236
182982
  var import_node_url2 = require("url");
182237
182983
  function loadAzureFunctionCore() {
182238
182984
  try {
182239
- return (0, import_node_module2.createRequire)(importMetaUrl)("@azure/functions-core");
182985
+ return (0, import_node_module3.createRequire)(importMetaUrl)("@azure/functions-core");
182240
182986
  } catch (e) {
182241
182987
  return void 0;
182242
182988
  }
@@ -188972,7 +189718,7 @@ function resolveTelemetryConfig(options = {}) {
188972
189718
 
188973
189719
  // src/bootstrap/telemetry-events.ts
188974
189720
  init_cjs_shims();
188975
- var crypto5 = __toESM(require("crypto"), 1);
189721
+ var crypto6 = __toESM(require("crypto"), 1);
188976
189722
  var nodePath3 = __toESM(require("path"), 1);
188977
189723
  var TERMINAL_STATUSES4 = /* @__PURE__ */ new Set(["completed", "failed", "cancelled", "archived"]);
188978
189724
  function taskEventName(status) {
@@ -189021,7 +189767,7 @@ function projectPathKind(value) {
189021
189767
  function projectPathHash(value) {
189022
189768
  const normalized = normalizeProjectKey(value);
189023
189769
  if (!normalized) return void 0;
189024
- return crypto5.createHash("sha256").update(normalized).digest("hex").slice(0, 16);
189770
+ return crypto6.createHash("sha256").update(normalized).digest("hex").slice(0, 16);
189025
189771
  }
189026
189772
  function projectDimensions(task) {
189027
189773
  const project = task?.effectiveProjectPath ?? task?.project;
@@ -189624,6 +190370,42 @@ function createTunnelManager(options) {
189624
190370
  }
189625
190371
 
189626
190372
  // src/bootstrap/start-node.ts
190373
+ function splitEnvList(value) {
190374
+ const items = value?.split(",").map((item) => item.trim()).filter(Boolean);
190375
+ return items && items.length > 0 ? items : void 0;
190376
+ }
190377
+ var DEFAULT_MOBILE_AAD_CLIENT_ID = "195fbb50-69da-45d8-b811-10d18264270b";
190378
+ var DEFAULT_MOBILE_AAD_TENANT_ID = "72f988bf-86f1-41af-91ab-2d7cd011db47";
190379
+ function isTruthyEnv(value) {
190380
+ return ["1", "true", "yes", "on"].includes((value ?? "").trim().toLowerCase());
190381
+ }
190382
+ function resolveMobileAadConfig(env4) {
190383
+ if (isTruthyEnv(env4.MESHY_MOBILE_PAIRING_DISABLED)) {
190384
+ return null;
190385
+ }
190386
+ const tenantId = env4.MESHY_MOBILE_AAD_TENANT_ID?.trim() || DEFAULT_MOBILE_AAD_TENANT_ID;
190387
+ const clientId = env4.MESHY_MOBILE_AAD_CLIENT_ID?.trim() || DEFAULT_MOBILE_AAD_CLIENT_ID;
190388
+ const scopes = splitEnvList(env4.MESHY_MOBILE_AAD_SCOPES) ?? [`api://${clientId}/.default`];
190389
+ const audiences = splitEnvList(env4.MESHY_MOBILE_AAD_AUDIENCES) ?? [`api://${clientId}`, clientId];
190390
+ const allowedTenants = splitEnvList(env4.MESHY_MOBILE_AAD_ALLOWED_TENANTS) ?? [tenantId];
190391
+ const allowedUpns = splitEnvList(env4.MESHY_MOBILE_AAD_ALLOWED_UPNS);
190392
+ const allowedUpnDomains = splitEnvList(env4.MESHY_MOBILE_AAD_ALLOWED_UPN_DOMAINS);
190393
+ return {
190394
+ aad: { tenantId, clientId, scopes },
190395
+ validation: {
190396
+ allowedTenants,
190397
+ audiences,
190398
+ ...allowedUpns ? { allowedUpns } : {},
190399
+ ...allowedUpnDomains ? { allowedUpnDomains } : {}
190400
+ }
190401
+ };
190402
+ }
190403
+ function resolveMobileAadConfigForStartup(args, env4) {
190404
+ if (args.qrCode !== true) {
190405
+ return null;
190406
+ }
190407
+ return resolveMobileAadConfig(env4);
190408
+ }
189627
190409
  function buildTelemetryBaseDimensions(options) {
189628
190410
  return {
189629
190411
  appVersion: options.runtimeMetadata.packageVersion,
@@ -189748,6 +190530,7 @@ function registerShutdownHandlers(options) {
189748
190530
  try {
189749
190531
  const telemetry = options.getTelemetry();
189750
190532
  telemetry.trackEvent("runtime.shutdown", { reason, runtimeMode });
190533
+ options.onShutdown?.();
189751
190534
  options.tunnelManager.stopHealthChecks();
189752
190535
  await closeHttpServer(options.server);
189753
190536
  await options.tunnelManager.stop();
@@ -189852,6 +190635,18 @@ async function startNode(args) {
189852
190635
  const previewProxyManager = new PreviewProxyManager();
189853
190636
  let deps;
189854
190637
  let requestShutdownForRestart;
190638
+ const mobileAad = resolveMobileAadConfigForStartup(hydratedArgs.args, process.env);
190639
+ const mobilePairing = mobileAad ? setupMobilePairing({
190640
+ nodeId: self2.id,
190641
+ nodeName: self2.name,
190642
+ logger: logger33,
190643
+ getEndpoint: () => meshyNode.getNodeRegistry().getSelf().endpoint,
190644
+ aad: mobileAad.aad,
190645
+ aadValidation: mobileAad.validation
190646
+ }) : null;
190647
+ if (hydratedArgs.args.qrCode === true && !mobileAad) {
190648
+ logger33.child("mobile-auth").info("mobile pairing disabled via MESHY_MOBILE_PAIRING_DISABLED");
190649
+ }
189855
190650
  const tunnelManager = createTunnelManager({
189856
190651
  authMetadata,
189857
190652
  config: config2,
@@ -189975,7 +190770,9 @@ async function startNode(args) {
189975
190770
  runtimeMetadata,
189976
190771
  previewSessionManager,
189977
190772
  previewProxyManager,
189978
- quickChatStore: createQuickChatStore(config2.storage.path)
190773
+ quickChatStore: createQuickChatStore(config2.storage.path),
190774
+ mobilePairingInvitations: mobilePairing?.service,
190775
+ mobileAadValidator: mobilePairing?.validator
189979
190776
  };
189980
190777
  meshyNode.getLogger().info("configured node auth mode", {
189981
190778
  authEnabled: authMetadata.enabled,
@@ -189999,6 +190796,9 @@ async function startNode(args) {
189999
190796
  terminalWriter.line(`
190000
190797
  ${banner}`);
190001
190798
  printMobileConnectionQrs(terminalWriter, { enabled: hydratedArgs.args.qrCode === true, nodeName: self3.name, nodeEndpoint: self3.endpoint });
190799
+ if (mobilePairing) {
190800
+ printMobilePairingQr(terminalWriter, mobilePairing);
190801
+ }
190002
190802
  telemetry.trackEvent("startup.completed");
190003
190803
  terminalWriter.line("");
190004
190804
  });
@@ -190006,7 +190806,10 @@ ${banner}`);
190006
190806
  server,
190007
190807
  meshyNode,
190008
190808
  tunnelManager,
190009
- getTelemetry: () => telemetry
190809
+ getTelemetry: () => telemetry,
190810
+ onShutdown: () => {
190811
+ mobilePairing?.service.dispose();
190812
+ }
190010
190813
  });
190011
190814
  requestShutdownForRestart = shutdownHandle.requestShutdown;
190012
190815
  await tunnelManager.syncDashboardTransport("startup");