newcraw 1.0.0 → 1.0.2

package/dist/gateway-IZYO6YFJ.js

@@ -0,0 +1,1170 @@
+#!/usr/bin/env bun
+import { createRequire as __newcrawCreateRequire } from "node:module";
+const require = __newcrawCreateRequire(import.meta.url);
+import {
+  getDomain,
+  getIdentity,
+  setIdentity
+} from "./chunk-OJIMOLIC.js";
+import "./chunk-XS6PU75S.js";
+import "./chunk-WWDVA4NV.js";
+import "./chunk-VQSCECTS.js";
+import "./chunk-HSJ6HYAO.js";
+import "./chunk-3LMXSKZ7.js";
+import "./chunk-XXU2NVOE.js";
+import "./chunk-JX5ZQYTQ.js";
+import "./chunk-XJQATPV7.js";
+import "./chunk-V5U6BHT2.js";
+import "./chunk-7ZFLZNOW.js";
+import "./chunk-VHS2MZQS.js";
+import "./chunk-QH2M65BR.js";
+import "./chunk-RUXIBQ3B.js";
+import "./chunk-JWXQNBBA.js";
+import "./chunk-2C43OXE7.js";
+import "./chunk-BWYKUDJR.js";
+import "./chunk-2EFL22PV.js";
+import "./chunk-U7S4MEYP.js";
+import "./chunk-UYRR6F5S.js";
+import "./chunk-TY3CCSAT.js";
+import "./chunk-LOIZNQOU.js";
+import "./chunk-INJSFEKL.js";
+import "./chunk-2UO3BFZH.js";
+import {
+  createAssistantMessage,
+  createUserMessage
+} from "./chunk-A7X6OCZE.js";
+import "./chunk-F3COCCAE.js";
+import "./chunk-53A4JHFW.js";
+import "./chunk-DEF3KFP7.js";
+import "./chunk-IIFUDVGS.js";
+import "./chunk-KQSHIOZK.js";
+import "./chunk-GZTCXXSS.js";
+import "./chunk-IM33F5CM.js";
+import "./chunk-ZYSVG4X3.js";
+import "./chunk-755HIAI3.js";
+import "./chunk-AXWJI6N5.js";
+
+// src/sessions/manager.ts
+var SessionManager = class {
+  constructor(storage) {
+    this.storage = storage;
+  }
+  async getOrCreate(key) {
+    const existing = await this.storage.load(key);
+    if (existing) return existing;
+    return this.createNew(key);
+  }
+  async save(session) {
+    await this.storage.save(session.key, session);
+  }
+  async get(key) {
+    return this.storage.load(key);
+  }
+  async delete(key) {
+    await this.storage.delete(key);
+  }
+  async listKeys() {
+    return this.storage.list();
+  }
+  createNew(key) {
+    return {
+      key,
+      messages: [],
+      createdAt: Date.now(),
+      updatedAt: Date.now(),
+      metadata: {}
+    };
+  }
+};
+
+// src/gateway/agentCore.ts
+import { cwd as processCwd } from "process";
+var gatewayPermissionHandler = async (tool, _input, _context, _assistantMessage) => {
+  if (tool.isReadOnly()) {
+    return { result: true };
+  }
+  return { result: true };
+};
+async function loadGatewayTools(domainId) {
+  const { getTools } = await import("./tools-3HOUIDM3.js");
+  const domain = getDomain(domainId);
+  const allTools = await getTools();
+  if (!domain) return allTools;
+  const allowedNames = new Set(domain.tools());
+  const filtered = allTools.filter((t) => allowedNames.has(t.name));
+  return filtered.length > 0 ? filtered : allTools;
+}
+function convertSessionHistory(history) {
+  return history.map(
+    (msg) => msg.role === "user" ? createUserMessage(msg.content) : createAssistantMessage(msg.content)
+  );
+}
+async function gatewayQuery(options) {
+  const { ask } = await import("./ask-MGUO3L35.js");
+  const { setCwd } = await import("./state-MSCYLB6Y.js");
+  const identity = getIdentity();
+  const domainId = options.domain ?? identity.domain;
+  const cwd = options.cwd ?? processCwd();
+  await setCwd(cwd);
+  const tools = options.tools ?? await loadGatewayTools(domainId);
+  const result = await ask({
+    commands: [],
+    safeMode: options.safeMode ?? false,
+    hasPermissionsToUseTool: gatewayPermissionHandler,
+    messageLogName: `gateway-${Date.now()}`,
+    prompt: options.prompt,
+    cwd,
+    tools,
+    verbose: false,
+    initialMessages: options.sessionMessages,
+    persistSession: false,
+    domain: domainId
+  });
+  return {
+    resultText: result.resultText,
+    messages: [],
+    totalCost: result.totalCost
+  };
+}
+async function* gatewayQueryStream(options) {
+  const { query } = await import("./query-GGIP6PWG.js");
+  const { getSystemPrompt } = await import("./prompts-LE6GK75N.js");
+  const { getContext } = await import("./context-WF3TTXQU.js");
+  const { setCwd } = await import("./state-MSCYLB6Y.js");
+  const identity = getIdentity();
+  const domainId = options.domain ?? identity.domain;
+  const cwd = options.cwd ?? processCwd();
+  await setCwd(cwd);
+  const tools = options.tools ?? await loadGatewayTools(domainId);
+  const [systemPrompt, context] = await Promise.all([
+    getSystemPrompt({ domain: domainId }),
+    getContext()
+  ]);
+  const userMessage = createUserMessage(options.prompt);
+  const messages = [...options.sessionMessages ?? [], userMessage];
+  const abortController = new AbortController();
+  const seenToolUseIds = /* @__PURE__ */ new Set();
+  for await (const msg of query(
+    messages,
+    systemPrompt,
+    context,
+    gatewayPermissionHandler,
+    {
+      options: {
+        commands: [],
+        tools,
+        verbose: false,
+        safeMode: options.safeMode ?? false,
+        forkNumber: 0,
+        messageLogName: `gateway-${Date.now()}`,
+        maxThinkingTokens: 0,
+        persistSession: false,
+        shouldAvoidPermissionPrompts: true
+      },
+      abortController,
+      messageId: void 0,
+      readFileTimestamps: {},
+      setToolJSX: () => {
+      }
+    }
+  )) {
+    if (msg.type === "assistant") {
+      for (const block of msg.message.content) {
+        if (block.type === "text" && block.text) {
+          yield { type: "text", content: block.text };
+        } else if (block.type === "thinking" && block.thinking) {
+          yield { type: "thinking", content: block.thinking };
+        } else if (block.type === "tool_use") {
+          seenToolUseIds.add(block.id);
+          const inputBrief = JSON.stringify(block.input).slice(0, 200);
+          yield { type: "tool_call", content: `${block.name}(${inputBrief})` };
+        }
+      }
+    } else if (msg.type === "progress") {
+      for (const block of msg.content.message.content) {
+        if (block.type === "tool_use" && !seenToolUseIds.has(block.id)) {
+          seenToolUseIds.add(block.id);
+          const inputBrief = JSON.stringify(block.input).slice(0, 200);
+          yield { type: "tool_call", content: `${block.name}(${inputBrief})` };
+        }
+      }
+    } else if (msg.type === "user") {
+      const content = msg.message.content;
+      if (Array.isArray(content)) {
+        for (const block of content) {
+          if (block.type === "tool_result") {
+            const raw = typeof block.content === "string" ? block.content : JSON.stringify(block.content);
+            yield { type: "tool_result", content: raw.slice(0, 500) };
+          }
+        }
+      }
+    }
+  }
+  yield { type: "done", content: "" };
+}
+
+// src/gateway/middleware.ts
+function composeMiddleware(middlewares) {
+  return async (ctx, next) => {
+    let index = -1;
+    async function dispatch(i) {
+      if (i <= index) throw new Error("next() called multiple times");
+      index = i;
+      const fn = i < middlewares.length ? middlewares[i] : next;
+      await fn(ctx, () => dispatch(i + 1));
+    }
+    await dispatch(0);
+  };
+}
+function loggingMiddleware() {
+  return async (ctx, next) => {
+    const { channelId, message } = ctx;
+    const preview = message.text.length > 80 ? message.text.slice(0, 80) + "..." : message.text;
+    console.log(`[${(/* @__PURE__ */ new Date()).toISOString()}] ${channelId}:${message.sessionKey} \u2190 "${preview}"`);
+    await next();
+    const elapsed = Date.now() - ctx.startTime;
+    console.log(`[${(/* @__PURE__ */ new Date()).toISOString()}] ${channelId}:${message.sessionKey} \u2192 done (${elapsed}ms)`);
+  };
+}
+function rateLimitMiddleware(options = {}) {
+  const windowMs = options.windowMs ?? 6e4;
+  const maxRequests = options.maxRequests ?? 30;
+  const hits = /* @__PURE__ */ new Map();
+  return async (ctx, next) => {
+    const key = `${ctx.message.sessionKey}`;
+    const now = Date.now();
+    const timestamps = hits.get(key) ?? [];
+    const windowStart = now - windowMs;
+    const recent = timestamps.filter((t) => t > windowStart);
+    if (recent.length >= maxRequests) {
+      ctx.metadata.rateLimited = true;
+      throw new Error(`Rate limit exceeded: ${maxRequests} requests per ${windowMs / 1e3}s`);
+    }
+    recent.push(now);
+    hits.set(key, recent);
+    if (hits.size > 1e4) {
+      for (const [k, v] of hits) {
+        const filtered = v.filter((t) => t > windowStart);
+        if (filtered.length === 0) hits.delete(k);
+        else hits.set(k, filtered);
+      }
+    }
+    await next();
+  };
+}
+function maxConcurrencyMiddleware(options = {}) {
+  const max = options.maxPerSession ?? 1;
+  const active = /* @__PURE__ */ new Map();
+  return async (ctx, next) => {
+    const key = ctx.message.sessionKey;
+    const current = active.get(key) ?? 0;
+    if (current >= max) {
+      throw new Error("Another request is already in progress for this session");
+    }
+    active.set(key, current + 1);
+    try {
+      await next();
+    } finally {
+      const val = active.get(key) ?? 1;
+      if (val <= 1) active.delete(key);
+      else active.set(key, val - 1);
+    }
+  };
+}
+
+// src/channels/http.ts
+import { createServer } from "http";
+import { randomUUID } from "crypto";
+import { resolve, join, extname } from "path";
+import { readFile, stat } from "fs/promises";
+var MIME_TYPES = {
+  ".html": "text/html; charset=utf-8",
+  ".js": "application/javascript; charset=utf-8",
+  ".css": "text/css; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".png": "image/png",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".gif": "image/gif",
+  ".svg": "image/svg+xml",
+  ".ico": "image/x-icon",
+  ".woff": "font/woff",
+  ".woff2": "font/woff2",
+  ".ttf": "font/ttf",
+  ".webp": "image/webp"
+};
+var HttpChannel = class {
+  constructor(config) {
+    this.config = config;
+  }
+  id = "http";
+  name = "HTTP API";
+  server = null;
+  handler = null;
+  streamHandler = null;
+  pendingResponses = /* @__PURE__ */ new Map();
+  onMessage(handler) {
+    this.handler = handler;
+  }
+  onStreamMessage(handler) {
+    this.streamHandler = handler;
+  }
+  async start() {
+    this.server = createServer((req, res) => this.handleRequest(req, res));
+    await new Promise((resolve2) => {
+      this.server.listen(this.config.port, this.config.host ?? "0.0.0.0", resolve2);
+    });
+    console.log(`[HTTP] Listening on ${this.config.host ?? "0.0.0.0"}:${this.config.port}`);
+  }
+  async stop() {
+    if (this.server) {
+      await new Promise((resolve2) => this.server.close(() => resolve2()));
+      this.server = null;
+    }
+  }
+  async sendResponse(requestId, response) {
+    const pending = this.pendingResponses.get(requestId);
+    if (pending) {
+      pending.push(response);
+    }
+  }
+  setCorsHeaders(res) {
+    const origin = this.config.corsOrigin ?? "*";
+    res.setHeader("Access-Control-Allow-Origin", origin);
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+  }
+  checkAuth(req, res) {
+    if (!this.config.authToken) return true;
+    const auth = req.headers.authorization;
+    if (auth !== `Bearer ${this.config.authToken}`) {
+      res.writeHead(401, { "Content-Type": "application/json" });
+      res.end(JSON.stringify({ error: "Unauthorized" }));
+      return false;
+    }
+    return true;
+  }
+  async handleRequest(req, res) {
+    this.setCorsHeaders(res);
+    if (req.method === "OPTIONS") {
+      res.writeHead(204);
+      res.end();
+      return;
+    }
+    if (req.method === "GET" && req.url === "/health") {
+      res.setHeader("Content-Type", "application/json");
+      res.writeHead(200);
+      res.end(JSON.stringify({ status: "ok", timestamp: Date.now() }));
+      return;
+    }
+    if (req.method === "POST" && req.url === "/api/chat") {
+      await this.handleChat(req, res);
+      return;
+    }
+    if (req.method === "POST" && req.url === "/api/chat/stream") {
+      await this.handleChatStream(req, res);
+      return;
+    }
+    if (req.method === "GET" && this.config.webDistDir) {
+      const served = await this.serveStatic(req, res);
+      if (served) return;
+    }
+    res.setHeader("Content-Type", "application/json");
+    res.writeHead(404);
+    res.end(JSON.stringify({ error: "Not found" }));
+  }
+  async serveStatic(req, res) {
+    const distDir = this.config.webDistDir;
+    if (!distDir) return false;
+    const urlPath = new URL(req.url ?? "/", `http://${req.headers.host}`).pathname;
+    const safePath = urlPath.replace(/\.\./g, "").replace(/\/+/g, "/");
+    const candidates = [
+      join(distDir, safePath),
+      join(distDir, safePath, "index.html")
+    ];
+    for (const filePath of candidates) {
+      const resolved = resolve(filePath);
+      if (!resolved.startsWith(resolve(distDir))) continue;
+      try {
+        const fileStat = await stat(resolved);
+        if (fileStat.isFile()) {
+          const ext = extname(resolved);
+          const mime = MIME_TYPES[ext] ?? "application/octet-stream";
+          const content = await readFile(resolved);
+          res.setHeader("Content-Type", mime);
+          if (ext !== ".html") {
+            res.setHeader("Cache-Control", "public, max-age=31536000, immutable");
+          }
+          res.writeHead(200);
+          res.end(content);
+          return true;
+        }
+      } catch {
+      }
+    }
+    try {
+      const indexPath = join(distDir, "index.html");
+      const content = await readFile(indexPath);
+      res.setHeader("Content-Type", "text/html; charset=utf-8");
+      res.writeHead(200);
+      res.end(content);
+      return true;
+    } catch {
+      return false;
+    }
+  }
+  async handleChat(req, res) {
+    res.setHeader("Content-Type", "application/json");
+    if (!this.checkAuth(req, res)) return;
+    try {
+      const body = await readBody(req);
+      const { message, userId = "default", sessionKey } = JSON.parse(body);
+      if (!message || typeof message !== "string") {
+        res.writeHead(400);
+        res.end(JSON.stringify({ error: 'Missing "message" field' }));
+        return;
+      }
+      if (!this.handler) {
+        res.writeHead(503);
+        res.end(JSON.stringify({ error: "No handler registered" }));
+        return;
+      }
+      const requestId = randomUUID();
+      this.pendingResponses.set(requestId, []);
+      await this.handler({
+        channelId: "http",
+        userId: requestId,
+        sessionKey: sessionKey ?? `http:${userId}`,
+        text: message,
+        metadata: { originalUserId: userId, requestId }
+      });
+      const responses = this.pendingResponses.get(requestId) ?? [];
+      this.pendingResponses.delete(requestId);
+      const textParts = responses.filter((r) => r.type === "text").map((r) => r.content);
+      res.writeHead(200);
+      res.end(JSON.stringify({
+        response: textParts.join("\n"),
+        details: responses.filter((r) => r.type !== "done")
+      }));
+    } catch (err) {
+      res.writeHead(500);
+      res.end(JSON.stringify({ error: err.message ?? "Internal server error" }));
+    }
+  }
+  async handleChatStream(req, res) {
+    if (!this.checkAuth(req, res)) return;
+    try {
+      const body = await readBody(req);
+      const { message, userId = "default", sessionKey } = JSON.parse(body);
+      if (!message || typeof message !== "string") {
+        res.setHeader("Content-Type", "application/json");
+        res.writeHead(400);
+        res.end(JSON.stringify({ error: 'Missing "message" field' }));
+        return;
+      }
+      if (!this.streamHandler) {
+        res.setHeader("Content-Type", "application/json");
+        res.writeHead(503);
+        res.end(JSON.stringify({ error: "Streaming not available" }));
+        return;
+      }
+      res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+        "X-Accel-Buffering": "no"
+      });
+      const unifiedMsg = {
+        channelId: "http",
+        userId,
+        sessionKey: sessionKey ?? `http:${userId}`,
+        text: message,
+        metadata: { requestId: randomUUID() }
+      };
+      await this.streamHandler(unifiedMsg, res);
+    } catch (err) {
+      if (!res.headersSent) {
+        res.setHeader("Content-Type", "application/json");
+        res.writeHead(500);
+        res.end(JSON.stringify({ error: err.message ?? "Internal server error" }));
+      } else {
+        writeSseEvent(res, "error", { error: err.message ?? "Internal server error" });
+        res.end();
+      }
+    }
+  }
+};
+function writeSseEvent(res, event, data) {
+  res.write(`event: ${event}
+data: ${JSON.stringify(data)}
+
+`);
+}
+function readBody(req) {
+  return new Promise((resolve2, reject) => {
+    const chunks = [];
+    let size = 0;
+    const MAX_BODY_SIZE = 1024 * 1024;
+    req.on("data", (chunk) => {
+      size += chunk.length;
+      if (size > MAX_BODY_SIZE) {
+        req.destroy();
+        reject(new Error("Request body too large"));
+        return;
+      }
+      chunks.push(chunk);
+    });
+    req.on("end", () => resolve2(Buffer.concat(chunks).toString("utf-8")));
+    req.on("error", reject);
+  });
+}
+
+// src/gateway/gateway.ts
+var Gateway = class {
+  channels = /* @__PURE__ */ new Map();
+  sessions;
+  config;
+  middlewareChain = null;
+  constructor(config) {
+    this.config = config;
+    this.sessions = new SessionManager(config.storage);
+    if (config.middleware && config.middleware.length > 0) {
+      this.middlewareChain = composeMiddleware(config.middleware);
+    }
+  }
+  registerChannel(channel) {
+    if (this.channels.has(channel.id)) {
+      throw new Error(`Channel "${channel.id}" is already registered`);
+    }
+    this.channels.set(channel.id, channel);
+    channel.onMessage((msg) => this.handleMessage(channel, msg));
+    if (channel instanceof HttpChannel) {
+      channel.onStreamMessage((msg, res) => this.handleSseStream(msg, res));
+    }
+  }
+  getChannel(id) {
+    return this.channels.get(id);
+  }
+  listChannels() {
+    return [...this.channels.values()];
+  }
+  getSessionManager() {
+    return this.sessions;
+  }
+  async runWithMiddleware(channel, msg, handler) {
+    if (!this.middlewareChain) {
+      await handler();
+      return;
+    }
+    const ctx = {
+      message: msg,
+      channelId: channel.id,
+      startTime: Date.now(),
+      metadata: {}
+    };
+    await this.middlewareChain(ctx, handler);
+  }
+  async handleMessage(channel, msg) {
+    try {
+      await this.runWithMiddleware(channel, msg, async () => {
+        const session = await this.sessions.getOrCreate(msg.sessionKey);
+        const domainId = this.config.domain ?? getIdentity().domain;
+        session.messages.push({
+          role: "user",
+          content: msg.text,
+          timestamp: Date.now()
+        });
+        const isStreamCapable = !(channel instanceof HttpChannel);
+        if (isStreamCapable) {
+          await this.handleStreamingChannel(channel, msg, domainId, session);
+        } else {
+          await this.handleBlockingChannel(channel, msg, domainId, session);
+        }
+      });
+    } catch (err) {
+      this.config.onError?.(err, `channel=${channel.id} user=${msg.userId}`);
+      await channel.sendResponse(msg.userId, {
+        type: "error",
+        content: err.message ?? "Internal error"
+      });
+    }
+  }
+  async handleBlockingChannel(channel, msg, domainId, session) {
+    const history = session.messages.slice(0, -1);
+    const result = await gatewayQuery({
+      prompt: msg.text,
+      domain: domainId,
+      cwd: this.config.cwd,
+      safeMode: this.config.safeMode,
+      sessionMessages: convertSessionHistory(history)
+    });
+    session.messages.push({
+      role: "assistant",
+      content: result.resultText,
+      timestamp: Date.now()
+    });
+    await this.sessions.save(session);
+    await channel.sendResponse(msg.userId, {
+      type: "text",
+      content: result.resultText
+    });
+    await channel.sendResponse(msg.userId, { type: "done", content: "" });
+  }
+  async handleStreamingChannel(channel, msg, domainId, session) {
+    const chunks = [];
+    const history = session.messages.slice(0, -1);
+    for await (const chunk of gatewayQueryStream({
+      prompt: msg.text,
+      domain: domainId,
+      cwd: this.config.cwd,
+      safeMode: this.config.safeMode,
+      sessionMessages: convertSessionHistory(history)
+    })) {
+      if (chunk.type === "text") {
+        chunks.push(chunk.content);
+      }
+      await channel.sendResponse(msg.userId, {
+        type: chunk.type,
+        content: chunk.content
+      });
+    }
+    session.messages.push({
+      role: "assistant",
+      content: chunks.join(""),
+      timestamp: Date.now()
+    });
+    await this.sessions.save(session);
+  }
+  async handleSseStream(msg, res) {
+    const domainId = this.config.domain ?? getIdentity().domain;
+    const session = await this.sessions.getOrCreate(msg.sessionKey);
+    session.messages.push({
+      role: "user",
+      content: msg.text,
+      timestamp: Date.now()
+    });
+    const chunks = [];
+    const history = session.messages.slice(0, -1);
+    try {
+      for await (const chunk of gatewayQueryStream({
+        prompt: msg.text,
+        domain: domainId,
+        cwd: this.config.cwd,
+        safeMode: this.config.safeMode,
+        sessionMessages: convertSessionHistory(history)
+      })) {
+        if (chunk.type === "text") {
+          chunks.push(chunk.content);
+        }
+        writeSseEvent(res, chunk.type, { content: chunk.content });
+      }
+      session.messages.push({
+        role: "assistant",
+        content: chunks.join(""),
+        timestamp: Date.now()
+      });
+      await this.sessions.save(session);
+    } catch (err) {
+      writeSseEvent(res, "error", { error: err.message ?? "Internal error" });
+      this.config.onError?.(err, `sse user=${msg.userId}`);
+    } finally {
+      res.end();
+    }
+  }
+  async start() {
+    const startPromises = [...this.channels.values()].map((ch) => ch.start());
+    await Promise.all(startPromises);
+    const identity = getIdentity();
+    console.log(`[Gateway] Started with ${this.channels.size} channel(s) \u2014 identity: ${identity.name}, domain: ${this.config.domain ?? identity.domain}`);
+  }
+  async stop() {
+    const stopPromises = [...this.channels.values()].map((ch) => ch.stop());
+    await Promise.all(stopPromises);
+    console.log("[Gateway] Stopped");
+  }
+};
+
+// src/channels/websocket.ts
+import { createServer as createServer2 } from "http";
+import { WebSocketServer } from "ws";
+import { randomUUID as randomUUID2 } from "crypto";
+var WebSocketChannel = class {
+  constructor(config) {
+    this.config = config;
+  }
+  id = "websocket";
+  name = "WebSocket";
+  wss = null;
+  ownServer = null;
+  handler = null;
+  clients = /* @__PURE__ */ new Map();
+  pendingResponses = /* @__PURE__ */ new Map();
+  onMessage(handler) {
+    this.handler = handler;
+  }
+  async start() {
+    if (this.config.server) {
+      this.wss = new WebSocketServer({ server: this.config.server });
+    } else {
+      this.ownServer = createServer2();
+      this.wss = new WebSocketServer({ server: this.ownServer });
+      await new Promise((resolve2) => {
+        this.ownServer.listen(this.config.port, this.config.host ?? "0.0.0.0", resolve2);
+      });
+      console.log(`[WebSocket] Listening on ${this.config.host ?? "0.0.0.0"}:${this.config.port}`);
+    }
+    this.wss.on("connection", (ws, req) => this.handleConnection(ws, req));
+  }
+  async stop() {
+    if (this.wss) {
+      for (const client of this.clients.values()) {
+        client.ws.close(1001, "Server shutting down");
+      }
+      this.clients.clear();
+      this.wss.close();
+      this.wss = null;
+    }
+    if (this.ownServer) {
+      await new Promise((resolve2) => this.ownServer.close(() => resolve2()));
+      this.ownServer = null;
+    }
+  }
+  async sendResponse(clientId, response) {
+    const client = this.clients.get(clientId);
+    if (client && client.ws.readyState === 1) {
+      client.ws.send(JSON.stringify({
+        type: "response",
+        data: response
+      }));
+    }
+    const pending = this.pendingResponses.get(clientId);
+    if (pending) {
+      pending.push(response);
+    }
+  }
+  handleConnection(ws, req) {
+    if (this.config.authToken) {
+      const url = new URL(req.url ?? "/", `http://${req.headers.host}`);
+      const token = url.searchParams.get("token");
+      if (token !== this.config.authToken) {
+        ws.close(4001, "Unauthorized");
+        return;
+      }
+    }
+    const clientId = randomUUID2();
+    this.clients.set(clientId, {
+      ws,
+      userId: clientId,
+      sessionKey: `ws:${clientId}`
+    });
+    ws.on("message", (raw) => this.handleWsMessage(clientId, raw));
+    ws.on("close", () => {
+      this.clients.delete(clientId);
+    });
+    ws.on("error", (err) => {
+      console.error(`[WebSocket] Client ${clientId} error:`, err.message);
+      this.clients.delete(clientId);
+    });
+    ws.send(JSON.stringify({
+      type: "connected",
+      data: { clientId }
+    }));
+  }
+  async handleWsMessage(clientId, raw) {
+    let parsed;
+    try {
+      parsed = JSON.parse(String(raw));
+    } catch {
+      this.sendToClient(clientId, {
+        type: "error",
+        data: { error: "Invalid JSON" }
+      });
+      return;
+    }
+    const { type, message, userId, sessionKey } = parsed;
+    if (type === "ping") {
+      this.sendToClient(clientId, { type: "pong", data: {} });
+      return;
+    }
+    if (type !== "chat" || !message || typeof message !== "string") {
+      this.sendToClient(clientId, {
+        type: "error",
+        data: { error: 'Expected { type: "chat", message: "..." }' }
+      });
+      return;
+    }
+    if (!this.handler) {
+      this.sendToClient(clientId, {
+        type: "error",
+        data: { error: "No handler registered" }
+      });
+      return;
+    }
+    const resolvedUserId = userId ?? clientId;
+    const resolvedSessionKey = sessionKey ?? `ws:${resolvedUserId}`;
+    const client = this.clients.get(clientId);
+    if (client) {
+      client.userId = resolvedUserId;
+      client.sessionKey = resolvedSessionKey;
+    }
+    try {
+      await this.handler({
+        channelId: "websocket",
+        userId: clientId,
+        sessionKey: resolvedSessionKey,
+        text: message,
+        metadata: { originalUserId: resolvedUserId }
+      });
+    } catch (err) {
+      this.sendToClient(clientId, {
+        type: "error",
+        data: { error: err.message ?? "Internal error" }
+      });
+    }
+  }
+  sendToClient(clientId, msg) {
+    const client = this.clients.get(clientId);
+    if (client && client.ws.readyState === 1) {
+      client.ws.send(JSON.stringify(msg));
+    }
+  }
+};
+
+// src/channels/cli.ts
+import { createInterface } from "readline";
+var CliChannel = class {
+  id = "cli";
+  name = "CLI";
+  handler = null;
+  rl = null;
+  userId;
+  promptStr;
+  input;
+  output;
+  active = false;
+  constructor(options = {}) {
+    this.userId = options.userId ?? "cli-user";
+    this.promptStr = options.prompt ?? "> ";
+    this.input = options.input ?? process.stdin;
+    this.output = options.output ?? process.stdout;
+  }
+  onMessage(handler) {
+    this.handler = handler;
+  }
+  async start() {
+    this.active = true;
+    this.rl = createInterface({
+      input: this.input,
+      output: this.output,
+      prompt: this.promptStr
+    });
+    this.rl.on("line", async (line) => {
+      const text = line.trim();
+      if (!text) {
+        this.rl?.prompt();
+        return;
+      }
+      if (text === "/exit" || text === "/quit") {
+        await this.stop();
+        return;
+      }
+      if (!this.handler) {
+        this.rl?.prompt();
+        return;
+      }
+      this.rl?.pause();
+      try {
+        await this.handler({
+          channelId: this.id,
+          userId: this.userId,
+          sessionKey: `cli:${this.userId}`,
+          text
+        });
+      } finally {
+        if (this.active) {
+          this.rl?.resume();
+          this.rl?.prompt();
+        }
+      }
+    });
+    this.rl.on("close", () => {
+      this.active = false;
+    });
+    setTimeout(() => {
+      if (this.active) {
+        this.output.write("\n");
+        this.rl?.prompt();
+      }
+    }, 100);
+  }
+  async stop() {
+    this.active = false;
+    this.rl?.close();
+    this.rl = null;
+  }
+  async sendResponse(_userId, response) {
+    if (!this.active) return;
+    switch (response.type) {
+      case "text":
+        this.write(response.content);
+        break;
+      case "thinking":
+        this.write(`[thinking] ${response.content}`);
+        break;
+      case "error":
+        this.write(`[error] ${response.content}`);
+        break;
+      case "tool_call":
+        this.write(`[tool] ${response.content}`);
+        break;
+      case "tool_result":
+        this.write(`[result] ${response.content}`);
+        break;
+      case "done":
+        this.write("");
+        break;
+    }
+  }
+  async requestPermission(_userId, description) {
+    if (!this.rl) return false;
+    return new Promise((resolve2) => {
+      this.write(`
+[Permission] ${description}`);
+      this.rl.question("Allow? (y/n) ", (answer) => {
+        resolve2(answer.trim().toLowerCase().startsWith("y"));
+      });
+    });
+  }
+  write(text) {
+    this.output.write(`${text}
+`);
+  }
+};
+
+// src/sessions/storage.ts
+import { existsSync, mkdirSync, readFileSync, writeFileSync, readdirSync, unlinkSync } from "fs";
+import { join as join2 } from "path";
+var FileSessionStorage = class {
+  constructor(dir) {
+    this.dir = dir;
+    if (!existsSync(dir)) {
+      mkdirSync(dir, { recursive: true });
+    }
+  }
+  filePath(key) {
+    const safeKey = key.replace(/[^a-zA-Z0-9_-]/g, "_");
+    return join2(this.dir, `${safeKey}.json`);
+  }
+  async load(key) {
+    const path = this.filePath(key);
+    if (!existsSync(path)) return null;
+    try {
+      return JSON.parse(readFileSync(path, "utf-8"));
+    } catch {
+      return null;
+    }
+  }
+  async save(key, session) {
+    session.updatedAt = Date.now();
+    writeFileSync(this.filePath(key), JSON.stringify(session, null, 2), "utf-8");
+  }
+  async list() {
+    if (!existsSync(this.dir)) return [];
+    return readdirSync(this.dir).filter((f) => f.endsWith(".json")).map((f) => f.replace(".json", ""));
+  }
+  async delete(key) {
+    const path = this.filePath(key);
+    if (existsSync(path)) unlinkSync(path);
+  }
+};
+
+// src/entrypoints/gateway.ts
+import { join as join3, dirname } from "path";
+import { homedir } from "os";
+import { existsSync as existsSync2 } from "fs";
+import { fileURLToPath } from "url";
+function parseArgs(argv) {
+  const opts = {
+    port: 3e3,
+    host: "0.0.0.0",
+    domain: "general",
+    safeMode: false,
+    enableLogging: true
+  };
+  for (let i = 2; i < argv.length; i++) {
+    const arg = argv[i];
+    const next = argv[i + 1];
+    switch (arg) {
+      case "--port":
+        opts.port = parseInt(next, 10);
+        i++;
+        break;
+      case "--ws-port":
+        opts.wsPort = parseInt(next, 10);
+        i++;
+        break;
+      case "--host":
+        opts.host = next;
+        i++;
+        break;
+      case "--domain":
+        opts.domain = next;
+        i++;
+        break;
+      case "--auth-token":
+        opts.authToken = next;
+        i++;
+        break;
+      case "--cors-origin":
+        opts.corsOrigin = next;
+        i++;
+        break;
+      case "--session-dir":
+        opts.sessionDir = next;
+        i++;
+        break;
+      case "--cwd":
+        opts.cwd = next;
+        i++;
+        break;
+      case "--safe-mode":
+        opts.safeMode = true;
+        break;
+      case "--no-logging":
+        opts.enableLogging = false;
+        break;
+      case "--rate-limit":
+        opts.rateLimit = parseInt(next, 10);
+        i++;
+        break;
+      case "--name":
+        opts.name = next;
+        i++;
+        break;
+      case "--description":
+        opts.description = next;
+        i++;
+        break;
+      case "--cli":
+        opts.cli = true;
+        break;
+      case "--web-dir":
+        opts.webDir = next;
+        i++;
+        break;
+      case "--help":
+        printHelp();
+        process.exit(0);
+    }
+  }
+  return opts;
+}
+function printHelp() {
+  console.log(`
+Usage: newcraw gateway [options]
+
+Options:
+  --port <number>         HTTP port (default: 3000)
+  --ws-port <number>      WebSocket port (if omitted, WS is disabled)
+  --host <string>         Bind host (default: 0.0.0.0)
+  --domain <string>       Domain: coding | general (default: general)
+  --auth-token <string>   Bearer token for API / WS auth
+  --cors-origin <string>  CORS origin (default: *)
+  --session-dir <path>    Session storage directory
+  --cwd <path>            Working directory for agent
+  --safe-mode             Enable safe mode (restrict dangerous operations)
+  --no-logging            Disable request logging
+  --rate-limit <number>   Max requests per minute per session (default: 30)
+  --name <string>         Agent name
+  --description <string>  Agent description
+  --cli                   Enable interactive CLI channel (stdin/stdout REPL)
+  --web-dir <path>        Serve web UI from directory (default: auto-detect web/dist)
+  --help                  Show this help
+
+Endpoints:
+  GET  /health              Health check
+  POST /api/chat            Blocking JSON response
+  POST /api/chat/stream     SSE streaming response
+  WS   ws://host:ws-port    WebSocket (bidirectional streaming)
+`);
+}
+function resolveWebDir(explicit) {
+  if (explicit) {
+    return existsSync2(explicit) ? explicit : void 0;
+  }
+  const thisDir = dirname(fileURLToPath(import.meta.url));
+  const candidates = [
+    join3(process.cwd(), "web", "dist"),
+    // Built output lives in dist/ — one level up reaches package root
+    join3(thisDir, "..", "web", "dist"),
+    // Source layout lives in src/entrypoints/ — two levels up reaches project root
+    join3(thisDir, "..", "..", "web", "dist")
+  ];
+  for (const candidate of candidates) {
+    if (existsSync2(join3(candidate, "index.html"))) {
+      return candidate;
+    }
+  }
+  return void 0;
+}
+async function main() {
+  const opts = parseArgs(process.argv);
+  if (opts.name || opts.description) {
+    setIdentity({
+      ...opts.name ? { name: opts.name } : {},
+      ...opts.description ? { description: opts.description } : {},
+      domain: opts.domain
+    });
+  }
+  const sessionDir = opts.sessionDir ?? join3(homedir(), ".newcraw", "gateway-sessions");
+  const storage = new FileSessionStorage(sessionDir);
+  const middleware = [];
+  if (opts.enableLogging) middleware.push(loggingMiddleware());
+  middleware.push(rateLimitMiddleware({ maxRequests: opts.rateLimit ?? 30 }));
+  middleware.push(maxConcurrencyMiddleware());
+  const gateway = new Gateway({
+    storage,
+    domain: opts.domain,
+    cwd: opts.cwd,
+    safeMode: opts.safeMode,
+    middleware,
+    onError: (err, ctx) => console.error(`[Gateway Error] ${ctx}:`, err.message)
+  });
+  const webDistDir = resolveWebDir(opts.webDir);
+  if (webDistDir) {
+    console.log(`[Gateway] Serving web UI from ${webDistDir}`);
+  }
+  const httpChannel = new HttpChannel({
+    port: opts.port,
+    host: opts.host,
+    authToken: opts.authToken,
+    corsOrigin: opts.corsOrigin,
+    webDistDir
+  });
+  gateway.registerChannel(httpChannel);
+  if (opts.wsPort) {
+    const wsChannel = new WebSocketChannel({
+      port: opts.wsPort,
+      host: opts.host,
+      authToken: opts.authToken
+    });
+    gateway.registerChannel(wsChannel);
+  }
+  if (opts.cli) {
+    const cliChannel = new CliChannel({ prompt: `[${opts.name ?? "NewCraw"}] > ` });
+    gateway.registerChannel(cliChannel);
+  }
+  process.on("SIGINT", async () => {
+    await gateway.stop();
+    process.exit(0);
+  });
+  process.on("SIGTERM", async () => {
+    await gateway.stop();
+    process.exit(0);
+  });
+  await gateway.start();
+}
+main().catch((err) => {
+  console.error("Fatal:", err);
+  process.exit(1);
+});