npm - pi-app-server - Versions diffs - 0.1.0 - Mend

pi-app-server 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (67) hide show

package/LICENSE +21 -0
package/README.md +195 -0
package/dist/command-classification.d.ts +59 -0
package/dist/command-classification.d.ts.map +1 -0
package/dist/command-classification.js +78 -0
package/dist/command-classification.js.map +7 -0
package/dist/command-execution-engine.d.ts +118 -0
package/dist/command-execution-engine.d.ts.map +1 -0
package/dist/command-execution-engine.js +259 -0
package/dist/command-execution-engine.js.map +7 -0
package/dist/command-replay-store.d.ts +241 -0
package/dist/command-replay-store.d.ts.map +1 -0
package/dist/command-replay-store.js +306 -0
package/dist/command-replay-store.js.map +7 -0
package/dist/command-router.d.ts +25 -0
package/dist/command-router.d.ts.map +1 -0
package/dist/command-router.js +353 -0
package/dist/command-router.js.map +7 -0
package/dist/extension-ui.d.ts +139 -0
package/dist/extension-ui.d.ts.map +1 -0
package/dist/extension-ui.js +189 -0
package/dist/extension-ui.js.map +7 -0
package/dist/resource-governor.d.ts +254 -0
package/dist/resource-governor.d.ts.map +1 -0
package/dist/resource-governor.js +603 -0
package/dist/resource-governor.js.map +7 -0
package/dist/server-command-handlers.d.ts +120 -0
package/dist/server-command-handlers.d.ts.map +1 -0
package/dist/server-command-handlers.js +234 -0
package/dist/server-command-handlers.js.map +7 -0
package/dist/server-ui-context.d.ts +22 -0
package/dist/server-ui-context.d.ts.map +1 -0
package/dist/server-ui-context.js +221 -0
package/dist/server-ui-context.js.map +7 -0
package/dist/server.d.ts +82 -0
package/dist/server.d.ts.map +1 -0
package/dist/server.js +561 -0
package/dist/server.js.map +7 -0
package/dist/session-lock-manager.d.ts +100 -0
package/dist/session-lock-manager.d.ts.map +1 -0
package/dist/session-lock-manager.js +199 -0
package/dist/session-lock-manager.js.map +7 -0
package/dist/session-manager.d.ts +196 -0
package/dist/session-manager.d.ts.map +1 -0
package/dist/session-manager.js +1010 -0
package/dist/session-manager.js.map +7 -0
package/dist/session-store.d.ts +190 -0
package/dist/session-store.d.ts.map +1 -0
package/dist/session-store.js +446 -0
package/dist/session-store.js.map +7 -0
package/dist/session-version-store.d.ts +83 -0
package/dist/session-version-store.d.ts.map +1 -0
package/dist/session-version-store.js +117 -0
package/dist/session-version-store.js.map +7 -0
package/dist/type-guards.d.ts +59 -0
package/dist/type-guards.d.ts.map +1 -0
package/dist/type-guards.js +40 -0
package/dist/type-guards.js.map +7 -0
package/dist/types.d.ts +621 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +23 -0
package/dist/types.js.map +7 -0
package/dist/validation.d.ts +22 -0
package/dist/validation.d.ts.map +1 -0
package/dist/validation.js +323 -0
package/dist/validation.js.map +7 -0
package/package.json +135 -0

package/dist/resource-governor.js ADDED Viewed

@@ -0,0 +1,603 @@
+import { MetricNames } from "./metrics-types.js";
+const DEFAULT_CONFIG = {
+  maxSessions: 100,
+  maxMessageSizeBytes: 10 * 1024 * 1024,
+  // 10MB
+  maxCommandsPerMinute: 100,
+  maxGlobalCommandsPerMinute: 1e3,
+  maxConnections: 1e3,
+  heartbeatIntervalMs: 3e4,
+  zombieTimeoutMs: 5 * 60 * 1e3,
+  // 5 minutes
+  maxExtensionUIResponsePerMinute: 60,
+  // 1 per second on average
+  maxSessionLifetimeMs: 24 * 60 * 60 * 1e3
+  // 24 hours
+};
+const TIMESTAMP_CLEANUP_THRESHOLD = 1e4;
+const RATE_WINDOW_MS = 6e4;
+const DEFAULT_TIMESTAMP_CLEANUP_INTERVAL_MS = 5 * 60 * 1e3;
+const SESSION_ID_MAX_LENGTH = 256;
+const CWD_MAX_LENGTH = 4096;
+const SESSION_ID_PATTERN = /^[a-zA-Z0-9_.-]+$/;
+const DANGEROUS_PATH_PATTERNS = [/\.\./, /^~/];
+class ResourceGovernor {
+  constructor(config = DEFAULT_CONFIG, metrics) {
+    this.config = config;
+    this.metrics = metrics;
+  }
+  sessionCount = 0;
+  connectionCount = 0;
+  commandTimestamps = /* @__PURE__ */ new Map();
+  globalCommandTimestamps = [];
+  extensionUIResponseTimestamps = /* @__PURE__ */ new Map();
+  lastHeartbeat = /* @__PURE__ */ new Map();
+  sessionCreatedAt = /* @__PURE__ */ new Map();
+  totalCommandsExecuted = 0;
+  commandsRejected = {
+    sessionLimit: 0,
+    messageSize: 0,
+    rateLimit: 0,
+    globalRateLimit: 0,
+    connectionLimit: 0,
+    extensionUIResponseRateLimit: 0
+  };
+  zombieSessionsDetected = 0;
+  zombieSessionsCleaned = 0;
+  doubleUnregisterErrors = 0;
+  /** Generation counter for unique rate limit entry IDs */
+  generationCounter = 0;
+  /** Periodic cleanup timer for stale timestamps */
+  cleanupTimer = null;
+  /**
+   * Set the metrics emitter for monitoring.
+   * Can be called after construction to wire up metrics.
+   */
+  setMetrics(metrics) {
+    this.metrics = metrics;
+  }
+  /**
+   * Increment generation counter and emit metric.
+   * Used for unique rate limit entry IDs and overflow monitoring.
+   */
+  nextGeneration() {
+    const generation = ++this.generationCounter;
+    if (this.metrics && generation % 1e3 === 0) {
+      this.metrics.gauge(MetricNames.RATE_LIMIT_GENERATION_COUNTER, generation);
+    }
+    return generation;
+  }
+  // ==========================================================================
+  // CONFIG ACCESS
+  // ==========================================================================
+  getConfig() {
+    return this.config;
+  }
+  // ==========================================================================
+  // SESSION ID VALIDATION
+  // ==========================================================================
+  /**
+   * Validate a session ID.
+   * Returns null if valid, or an error message if invalid.
+   */
+  validateSessionId(sessionId) {
+    if (!sessionId || typeof sessionId !== "string") {
+      return "Session ID must be a non-empty string";
+    }
+    if (sessionId.length > SESSION_ID_MAX_LENGTH) {
+      return `Session ID too long (max ${SESSION_ID_MAX_LENGTH} characters)`;
+    }
+    if (!SESSION_ID_PATTERN.test(sessionId)) {
+      return "Session ID must contain only alphanumeric characters, underscores, dashes, and dots";
+    }
+    return null;
+  }
+  // ==========================================================================
+  // CWD VALIDATION
+  // ==========================================================================
+  /**
+   * Validate a working directory path.
+   * Returns null if valid, or an error message if invalid.
+   */
+  validateCwd(cwd) {
+    if (!cwd || typeof cwd !== "string") {
+      return "CWD must be a non-empty string";
+    }
+    if (cwd.length > CWD_MAX_LENGTH) {
+      return `CWD too long (max ${CWD_MAX_LENGTH} characters)`;
+    }
+    for (const pattern of DANGEROUS_PATH_PATTERNS) {
+      if (pattern.test(cwd)) {
+        return "CWD contains potentially dangerous path components";
+      }
+    }
+    return null;
+  }
+  // ==========================================================================
+  // SESSION LIMITS
+  // ==========================================================================
+  /**
+   * Atomically check and reserve a session slot.
+   * Returns true if slot was reserved, false if limit reached.
+   */
+  tryReserveSessionSlot() {
+    if (this.sessionCount >= this.config.maxSessions) {
+      this.commandsRejected.sessionLimit++;
+      return false;
+    }
+    this.sessionCount++;
+    return true;
+  }
+  /**
+   * Release a reserved session slot (used if session creation fails after reservation).
+   * Tracks double-unregister as error metric instead of silently masking.
+   */
+  releaseSessionSlot() {
+    this.sessionCount--;
+    if (this.sessionCount < 0) {
+      this.doubleUnregisterErrors++;
+      this.sessionCount = 0;
+      console.error(
+        "[ResourceGovernor] ERROR: releaseSessionSlot called with no active slots (double-unregister)"
+      );
+    }
+  }
+  /**
+   * Check if a new session can be created.
+   * @deprecated Use tryReserveSessionSlot for atomic operation. Will be removed in v2.0.0.
+   */
+  canCreateSession() {
+    if (this.sessionCount >= this.config.maxSessions) {
+      this.commandsRejected.sessionLimit++;
+      return {
+        allowed: false,
+        reason: `Session limit reached (${this.config.maxSessions} sessions)`
+      };
+    }
+    return { allowed: true };
+  }
+  /**
+   * Register a new session.
+   * @deprecated Use tryReserveSessionSlot for atomic operation. Will be removed in v2.0.0.
+   */
+  registerSession(sessionId) {
+    this.sessionCount++;
+    this.recordHeartbeat(sessionId);
+  }
+  /**
+   * Unregister a session. Call AFTER session is deleted.
+   * Also cleans up rate limit timestamps for this session.
+   */
+  unregisterSession(sessionId) {
+    this.sessionCount--;
+    if (this.sessionCount < 0) {
+      this.doubleUnregisterErrors++;
+      this.sessionCount = 0;
+      console.error(
+        `[ResourceGovernor] ERROR: unregisterSession('${sessionId}') called with no active slots (double-unregister)`
+      );
+    }
+    this.lastHeartbeat.delete(sessionId);
+    this.sessionCreatedAt.delete(sessionId);
+    this.commandTimestamps.delete(sessionId);
+  }
+  /**
+   * Get current session count.
+   */
+  getSessionCount() {
+    return this.sessionCount;
+  }
+  // ==========================================================================
+  // CONNECTION LIMITS
+  // ==========================================================================
+  /**
+   * Check if a new connection can be accepted.
+   */
+  canAcceptConnection() {
+    if (this.connectionCount >= this.config.maxConnections) {
+      this.commandsRejected.connectionLimit++;
+      return {
+        allowed: false,
+        reason: `Connection limit reached (${this.config.maxConnections} connections)`
+      };
+    }
+    return { allowed: true };
+  }
+  /**
+   * Register a new connection.
+   */
+  registerConnection() {
+    this.connectionCount++;
+  }
+  /**
+   * Unregister a connection.
+   * Tracks double-unregister as error metric instead of silently masking.
+   */
+  unregisterConnection() {
+    this.connectionCount--;
+    if (this.connectionCount < 0) {
+      this.doubleUnregisterErrors++;
+      this.connectionCount = 0;
+      console.error(
+        "[ResourceGovernor] ERROR: unregisterConnection called with no active connections (double-unregister)"
+      );
+    }
+  }
+  /**
+   * Get current connection count.
+   */
+  getConnectionCount() {
+    return this.connectionCount;
+  }
+  // ==========================================================================
+  // MESSAGE SIZE LIMITS
+  // ==========================================================================
+  /**
+   * Check if a message of the given size can be accepted.
+   * Rejects negative sizes, NaN, and sizes exceeding the limit.
+   */
+  canAcceptMessage(sizeBytes) {
+    if (!Number.isFinite(sizeBytes) || sizeBytes < 0) {
+      this.commandsRejected.messageSize++;
+      return {
+        allowed: false,
+        reason: `Invalid message size: ${sizeBytes}`
+      };
+    }
+    if (sizeBytes > this.config.maxMessageSizeBytes) {
+      this.commandsRejected.messageSize++;
+      return {
+        allowed: false,
+        reason: `Message size ${sizeBytes} exceeds limit ${this.config.maxMessageSizeBytes}`
+      };
+    }
+    return { allowed: true };
+  }
+  // ==========================================================================
+  // RATE LIMITING
+  // ==========================================================================
+  /**
+   * Check if a command can be executed for the given session.
+   * Implements sliding window rate limiting (both per-session and global).
+   *
+   * @returns The generation marker for refund, or rejection result
+   */
+  canExecuteCommand(sessionId) {
+    const now = Date.now();
+    const windowStart = now - RATE_WINDOW_MS;
+    if (this.globalCommandTimestamps.length > TIMESTAMP_CLEANUP_THRESHOLD) {
+      this.globalCommandTimestamps = this.globalCommandTimestamps.filter(
+        (e) => e.timestamp > windowStart
+      );
+    } else {
+      this.globalCommandTimestamps = this.globalCommandTimestamps.filter(
+        (e) => e.timestamp > windowStart
+      );
+    }
+    if (this.globalCommandTimestamps.length >= this.config.maxGlobalCommandsPerMinute) {
+      this.commandsRejected.globalRateLimit++;
+      return {
+        allowed: false,
+        reason: `Global rate limit exceeded (${this.config.maxGlobalCommandsPerMinute} commands/minute)`
+      };
+    }
+    let entries = this.commandTimestamps.get(sessionId);
+    if (!entries) {
+      entries = [];
+      this.commandTimestamps.set(sessionId, entries);
+    } else {
+      entries = entries.filter((e) => e.timestamp > windowStart);
+      this.commandTimestamps.set(sessionId, entries);
+    }
+    if (entries.length >= this.config.maxCommandsPerMinute) {
+      this.commandsRejected.rateLimit++;
+      return {
+        allowed: false,
+        reason: `Rate limit exceeded (${this.config.maxCommandsPerMinute} commands/minute)`
+      };
+    }
+    const generation = this.nextGeneration();
+    const entry = { timestamp: now, generation };
+    entries.push(entry);
+    this.globalCommandTimestamps.push(entry);
+    this.totalCommandsExecuted++;
+    return { allowed: true, generation };
+  }
+  /**
+   * Refund a previously counted command (e.g. command failed before execution).
+   * Uses generation marker to ensure correct entry is removed.
+   */
+  refundCommand(sessionId, generation) {
+    const sessionEntries = this.commandTimestamps.get(sessionId);
+    if (!sessionEntries) {
+      return;
+    }
+    const sessionIdx = sessionEntries.findIndex((e) => e.generation === generation);
+    if (sessionIdx === -1) {
+      return;
+    }
+    sessionEntries.splice(sessionIdx, 1);
+    if (sessionEntries.length === 0) {
+      this.commandTimestamps.delete(sessionId);
+    }
+    const globalIdx = this.globalCommandTimestamps.findIndex((e) => e.generation === generation);
+    if (globalIdx !== -1) {
+      this.globalCommandTimestamps.splice(globalIdx, 1);
+    }
+    if (this.totalCommandsExecuted > 0) {
+      this.totalCommandsExecuted--;
+    }
+  }
+  /**
+   * Get current rate limit usage for observability.
+   */
+  getRateLimitUsage(sessionId) {
+    const now = Date.now();
+    const windowStart = now - RATE_WINDOW_MS;
+    const sessionCount = this.commandTimestamps.get(sessionId)?.filter((e) => e.timestamp > windowStart).length ?? 0;
+    const globalCount = this.globalCommandTimestamps.filter(
+      (e) => e.timestamp > windowStart
+    ).length;
+    return {
+      session: sessionCount,
+      global: globalCount
+    };
+  }
+  // ==========================================================================
+  // EXTENSION UI RESPONSE RATE LIMITING
+  // ==========================================================================
+  /**
+   * Check if an extension_ui_response command can be executed for the given session.
+   * This is a separate, more restrictive rate limit to prevent abuse of UI responses.
+   */
+  canExecuteExtensionUIResponse(sessionId) {
+    const now = Date.now();
+    const windowStart = now - RATE_WINDOW_MS;
+    let entries = this.extensionUIResponseTimestamps.get(sessionId);
+    if (!entries) {
+      entries = [];
+      this.extensionUIResponseTimestamps.set(sessionId, entries);
+    } else {
+      entries = entries.filter((e) => e.timestamp > windowStart);
+      this.extensionUIResponseTimestamps.set(sessionId, entries);
+    }
+    if (entries.length >= this.config.maxExtensionUIResponsePerMinute) {
+      this.commandsRejected.extensionUIResponseRateLimit++;
+      return {
+        allowed: false,
+        reason: `Extension UI response rate limit exceeded (${this.config.maxExtensionUIResponsePerMinute} responses/minute)`
+      };
+    }
+    const generation = this.nextGeneration();
+    entries.push({ timestamp: now, generation });
+    return { allowed: true };
+  }
+  // ==========================================================================
+  // HEARTBEAT / ZOMBIE DETECTION
+  // ==========================================================================
+  /**
+   * Record a heartbeat for a session.
+   * Also tracks session creation time for lifetime enforcement.
+   */
+  recordHeartbeat(sessionId) {
+    const now = Date.now();
+    this.lastHeartbeat.set(sessionId, now);
+    if (!this.sessionCreatedAt.has(sessionId)) {
+      this.sessionCreatedAt.set(sessionId, now);
+    }
+  }
+  /**
+   * Get list of zombie session IDs.
+   *
+   * @param recordDetection Whether to increment zombie detection metrics.
+   */
+  getZombieSessions(recordDetection = true) {
+    const now = Date.now();
+    const zombies = [];
+    for (const [sessionId, lastTime] of this.lastHeartbeat) {
+      if (now - lastTime > this.config.zombieTimeoutMs) {
+        zombies.push(sessionId);
+      }
+    }
+    if (recordDetection && zombies.length > 0) {
+      this.zombieSessionsDetected += zombies.length;
+    }
+    return zombies;
+  }
+  /**
+   * Clean up zombie sessions. Returns IDs of cleaned sessions.
+   * Call this periodically or when you want to force cleanup.
+   */
+  cleanupZombieSessions() {
+    const zombies = this.getZombieSessions();
+    for (const sessionId of zombies) {
+      this.lastHeartbeat.delete(sessionId);
+      this.commandTimestamps.delete(sessionId);
+    }
+    if (zombies.length > 0) {
+      this.zombieSessionsCleaned += zombies.length;
+    }
+    return zombies;
+  }
+  /**
+   * Get the last heartbeat time for a session.
+   */
+  getLastHeartbeat(sessionId) {
+    return this.lastHeartbeat.get(sessionId);
+  }
+  // ==========================================================================
+  // METRICS
+  // ==========================================================================
+  /**
+   * Get current metrics for observability.
+   */
+  getMetrics() {
+    const now = Date.now();
+    const windowStart = now - RATE_WINDOW_MS;
+    const globalCount = this.globalCommandTimestamps.filter(
+      (e) => e.timestamp > windowStart
+    ).length;
+    return {
+      sessionCount: this.sessionCount,
+      connectionCount: this.connectionCount,
+      totalCommandsExecuted: this.totalCommandsExecuted,
+      commandsRejected: { ...this.commandsRejected },
+      zombieSessionsDetected: this.zombieSessionsDetected,
+      zombieSessionsCleaned: this.zombieSessionsCleaned,
+      doubleUnregisterErrors: this.doubleUnregisterErrors,
+      rateLimitUsage: {
+        globalCount,
+        globalLimit: this.config.maxGlobalCommandsPerMinute
+      }
+    };
+  }
+  /**
+   * Check if the server is healthy.
+   */
+  isHealthy() {
+    const issues = [];
+    if (this.sessionCount >= this.config.maxSessions * 0.9) {
+      issues.push(`Session count at ${this.sessionCount}/${this.config.maxSessions} (90%+)`);
+    }
+    if (this.connectionCount >= this.config.maxConnections * 0.9) {
+      issues.push(
+        `Connection count at ${this.connectionCount}/${this.config.maxConnections} (90%+)`
+      );
+    }
+    const zombies = this.getZombieSessions(false);
+    if (zombies.length > 0) {
+      issues.push(`${zombies.length} zombie sessions detected`);
+    }
+    return {
+      healthy: issues.length === 0,
+      issues
+    };
+  }
+  /**
+   * Reset metrics (useful for testing).
+   */
+  resetMetrics() {
+    this.totalCommandsExecuted = 0;
+    this.commandsRejected = {
+      sessionLimit: 0,
+      messageSize: 0,
+      rateLimit: 0,
+      globalRateLimit: 0,
+      connectionLimit: 0,
+      extensionUIResponseRateLimit: 0
+    };
+    this.zombieSessionsDetected = 0;
+    this.zombieSessionsCleaned = 0;
+  }
+  // ==========================================================================
+  // CLEANUP
+  // ==========================================================================
+  /**
+   * Clean up stale rate limit data.
+   * Also cleans extensionUIResponseTimestamps.
+   */
+  cleanupStaleTimestamps() {
+    const now = Date.now();
+    const windowStart = now - RATE_WINDOW_MS;
+    this.globalCommandTimestamps = this.globalCommandTimestamps.filter(
+      (e) => e.timestamp > windowStart
+    );
+    for (const [sessionId, entries] of this.commandTimestamps) {
+      const filtered = entries.filter((e) => e.timestamp > windowStart);
+      if (filtered.length === 0) {
+        this.commandTimestamps.delete(sessionId);
+      } else {
+        this.commandTimestamps.set(sessionId, filtered);
+      }
+    }
+    for (const [sessionId, entries] of this.extensionUIResponseTimestamps) {
+      const filtered = entries.filter((e) => e.timestamp > windowStart);
+      if (filtered.length === 0) {
+        this.extensionUIResponseTimestamps.delete(sessionId);
+      } else {
+        this.extensionUIResponseTimestamps.set(sessionId, filtered);
+      }
+    }
+  }
+  /**
+   * Start periodic cleanup of stale timestamps.
+   * Call this during server startup to prevent memory leaks from inactive sessions.
+   * @param intervalMs Cleanup interval (default: 5 minutes)
+   */
+  startPeriodicCleanup(intervalMs = DEFAULT_TIMESTAMP_CLEANUP_INTERVAL_MS) {
+    if (this.cleanupTimer) {
+      return;
+    }
+    this.cleanupTimer = setInterval(() => {
+      this.cleanupStaleTimestamps();
+    }, intervalMs);
+    if (this.cleanupTimer.unref) {
+      this.cleanupTimer.unref();
+    }
+  }
+  /**
+   * Stop periodic cleanup.
+   */
+  stopPeriodicCleanup() {
+    if (this.cleanupTimer) {
+      clearInterval(this.cleanupTimer);
+      this.cleanupTimer = null;
+    }
+  }
+  /**
+   * Clean up stale data for deleted sessions.
+   */
+  cleanupStaleData(activeSessionIds) {
+    for (const sessionId of this.commandTimestamps.keys()) {
+      if (!activeSessionIds.has(sessionId)) {
+        this.commandTimestamps.delete(sessionId);
+      }
+    }
+    for (const sessionId of this.lastHeartbeat.keys()) {
+      if (!activeSessionIds.has(sessionId)) {
+        this.lastHeartbeat.delete(sessionId);
+      }
+    }
+    for (const sessionId of this.sessionCreatedAt.keys()) {
+      if (!activeSessionIds.has(sessionId)) {
+        this.sessionCreatedAt.delete(sessionId);
+      }
+    }
+    for (const sessionId of this.extensionUIResponseTimestamps.keys()) {
+      if (!activeSessionIds.has(sessionId)) {
+        this.extensionUIResponseTimestamps.delete(sessionId);
+      }
+    }
+  }
+  // ==========================================================================
+  // SESSION LIFETIME
+  // ==========================================================================
+  /**
+   * Get list of expired session IDs (exceeded maxSessionLifetimeMs).
+   * Returns empty array if maxSessionLifetimeMs is 0 (unlimited).
+   */
+  getExpiredSessions() {
+    if (this.config.maxSessionLifetimeMs === 0) {
+      return [];
+    }
+    const now = Date.now();
+    const expired = [];
+    for (const [sessionId, createdAt] of this.sessionCreatedAt) {
+      if (now - createdAt > this.config.maxSessionLifetimeMs) {
+        expired.push(sessionId);
+      }
+    }
+    return expired;
+  }
+  /**
+   * Get the creation time for a session.
+   */
+  getSessionCreatedAt(sessionId) {
+    return this.sessionCreatedAt.get(sessionId);
+  }
+}
+export {
+  DEFAULT_CONFIG,
+  ResourceGovernor
+};
+//# sourceMappingURL=resource-governor.js.map

package/dist/resource-governor.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../src/resource-governor.ts"],
+  "sourcesContent": ["/**\n * ResourceGovernor - Enforces all resource limits for pi-server.\n *\n * A single nexus point for:\n * - Message size limits (prevents OOM)\n * - Session limits (prevents resource exhaustion)\n * - Rate limiting (prevents abuse)\n * - Heartbeat tracking (enables zombie detection)\n * - Connection limits (prevents DoS)\n *\n * Makes testing trivial (mock the governor).\n */\n\nimport type { MetricsEmitter } from \"./metrics-emitter.js\";\nimport { MetricNames } from \"./metrics-types.js\";\n\n// ============================================================================\n// CONFIG\n// ============================================================================\n\nexport interface ResourceGovernorConfig {\n  /** Maximum concurrent sessions (default: 100) */\n  maxSessions: number;\n  /** Maximum message size in bytes (default: 10MB) */\n  maxMessageSizeBytes: number;\n  /** Maximum commands per minute per session (default: 100) */\n  maxCommandsPerMinute: number;\n  /** Maximum commands per minute globally across all sessions (default: 1000) */\n  maxGlobalCommandsPerMinute: number;\n  /** Maximum concurrent WebSocket connections (default: 1000) */\n  maxConnections: number;\n  /** Heartbeat interval in ms for zombie detection (default: 30000) */\n  heartbeatIntervalMs: number;\n  /** Time without heartbeat before session is considered zombie (default: 5 min) */\n  zombieTimeoutMs: number;\n  /** Maximum extension_ui_response commands per minute per session (default: 60) */\n  maxExtensionUIResponsePerMinute: number;\n  /** Maximum session lifetime in ms (0 = unlimited, default: 24 hours) */\n  maxSessionLifetimeMs: number;\n}\n\nexport const DEFAULT_CONFIG: ResourceGovernorConfig = {\n  maxSessions: 100,\n  maxMessageSizeBytes: 10 * 1024 * 1024, // 10MB\n  maxCommandsPerMinute: 100,\n  maxGlobalCommandsPerMinute: 1000,\n  maxConnections: 1000,\n  heartbeatIntervalMs: 30000,\n  zombieTimeoutMs: 5 * 60 * 1000, // 5 minutes\n  maxExtensionUIResponsePerMinute: 60, // 1 per second on average\n  maxSessionLifetimeMs: 24 * 60 * 60 * 1000, // 24 hours\n};\n\n// ============================================================================\n// METRICS\n// ============================================================================\n\nexport interface GovernorMetrics {\n  sessionCount: number;\n  connectionCount: number;\n  totalCommandsExecuted: number;\n  commandsRejected: {\n    sessionLimit: number;\n    messageSize: number;\n    rateLimit: number;\n    globalRateLimit: number;\n    connectionLimit: number;\n    extensionUIResponseRateLimit: number;\n  };\n  zombieSessionsDetected: number;\n  zombieSessionsCleaned: number;\n  /** Count of double-unregister errors (session or connection unregistered twice) */\n  doubleUnregisterErrors: number;\n  rateLimitUsage: {\n    globalCount: number;\n    globalLimit: number;\n  };\n}\n\n// ============================================================================\n// RESULT TYPES\n// ============================================================================\n\nexport interface RejectionResult {\n  allowed: false;\n  reason: string;\n}\n\nexport interface AllowResult {\n  allowed: true;\n}\n\nexport type GovernorResult = AllowResult | RejectionResult;\n\n// ============================================================================\n// CONSTANTS\n// ============================================================================\n\n/** Threshold for triggering automatic timestamp cleanup */\nconst TIMESTAMP_CLEANUP_THRESHOLD = 10000;\n\n/** Rate limit window in ms (1 minute) */\nconst RATE_WINDOW_MS = 60000;\n\n/** Default interval for periodic timestamp cleanup (5 minutes) */\nconst DEFAULT_TIMESTAMP_CLEANUP_INTERVAL_MS = 5 * 60 * 1000;\n\n/** Session ID max length */\nconst SESSION_ID_MAX_LENGTH = 256;\n\n/** CWD max length */\nconst CWD_MAX_LENGTH = 4096;\n\n/** Valid session ID pattern (alphanumeric, dash, underscore, dot) */\nconst SESSION_ID_PATTERN = /^[a-zA-Z0-9_.-]+$/;\n\n/** Dangerous path patterns */\nconst DANGEROUS_PATH_PATTERNS = [/\\.\\./, /^~/];\n\n/**\n * Rate limit timestamp with generation marker.\n * The generation ensures refundCommand removes the correct entry\n * even when multiple commands have the same timestamp.\n */\ninterface RateLimitEntry {\n  timestamp: number;\n  /** Unique generation marker for this entry */\n  generation: number;\n}\n\n// ============================================================================\n// GOVERNOR CLASS\n// ============================================================================\n\n/**\n * ResourceGovernor enforces resource limits for the server.\n *\n * Memory management:\n * - Rate limit timestamps are cleaned up periodically via startPeriodicCleanup()\n * - Session-specific data is cleaned up when sessions are deleted\n * - Call cleanupStaleData() after deleting sessions\n */\nexport class ResourceGovernor {\n  private sessionCount = 0;\n  private connectionCount = 0;\n  private commandTimestamps = new Map<string, RateLimitEntry[]>();\n  private globalCommandTimestamps: RateLimitEntry[] = [];\n  private extensionUIResponseTimestamps = new Map<string, RateLimitEntry[]>();\n  private lastHeartbeat = new Map<string, number>();\n  private sessionCreatedAt = new Map<string, number>();\n  private totalCommandsExecuted = 0;\n  private commandsRejected = {\n    sessionLimit: 0,\n    messageSize: 0,\n    rateLimit: 0,\n    globalRateLimit: 0,\n    connectionLimit: 0,\n    extensionUIResponseRateLimit: 0,\n  };\n  private zombieSessionsDetected = 0;\n  private zombieSessionsCleaned = 0;\n  private doubleUnregisterErrors = 0;\n\n  /** Generation counter for unique rate limit entry IDs */\n  private generationCounter = 0;\n\n  /** Periodic cleanup timer for stale timestamps */\n  private cleanupTimer: NodeJS.Timeout | null = null;\n\n  constructor(\n    private config: ResourceGovernorConfig = DEFAULT_CONFIG,\n    private metrics?: MetricsEmitter\n  ) {}\n\n  /**\n   * Set the metrics emitter for monitoring.\n   * Can be called after construction to wire up metrics.\n   */\n  setMetrics(metrics: MetricsEmitter): void {\n    this.metrics = metrics;\n  }\n\n  /**\n   * Increment generation counter and emit metric.\n   * Used for unique rate limit entry IDs and overflow monitoring.\n   */\n  private nextGeneration(): number {\n    const generation = ++this.generationCounter;\n\n    // Emit metric for threshold alerting (e.g., overflow at 1e15)\n    if (this.metrics && generation % 1000 === 0) {\n      this.metrics.gauge(MetricNames.RATE_LIMIT_GENERATION_COUNTER, generation);\n    }\n\n    return generation;\n  }\n\n  // ==========================================================================\n  // CONFIG ACCESS\n  // ==========================================================================\n\n  getConfig(): Readonly<ResourceGovernorConfig> {\n    return this.config;\n  }\n\n  // ==========================================================================\n  // SESSION ID VALIDATION\n  // ==========================================================================\n\n  /**\n   * Validate a session ID.\n   * Returns null if valid, or an error message if invalid.\n   */\n  validateSessionId(sessionId: string): string | null {\n    if (!sessionId || typeof sessionId !== \"string\") {\n      return \"Session ID must be a non-empty string\";\n    }\n    if (sessionId.length > SESSION_ID_MAX_LENGTH) {\n      return `Session ID too long (max ${SESSION_ID_MAX_LENGTH} characters)`;\n    }\n    if (!SESSION_ID_PATTERN.test(sessionId)) {\n      return \"Session ID must contain only alphanumeric characters, underscores, dashes, and dots\";\n    }\n    return null;\n  }\n\n  // ==========================================================================\n  // CWD VALIDATION\n  // ==========================================================================\n\n  /**\n   * Validate a working directory path.\n   * Returns null if valid, or an error message if invalid.\n   */\n  validateCwd(cwd: string): string | null {\n    if (!cwd || typeof cwd !== \"string\") {\n      return \"CWD must be a non-empty string\";\n    }\n    if (cwd.length > CWD_MAX_LENGTH) {\n      return `CWD too long (max ${CWD_MAX_LENGTH} characters)`;\n    }\n    for (const pattern of DANGEROUS_PATH_PATTERNS) {\n      if (pattern.test(cwd)) {\n        return \"CWD contains potentially dangerous path components\";\n      }\n    }\n    return null;\n  }\n\n  // ==========================================================================\n  // SESSION LIMITS\n  // ==========================================================================\n\n  /**\n   * Atomically check and reserve a session slot.\n   * Returns true if slot was reserved, false if limit reached.\n   */\n  tryReserveSessionSlot(): boolean {\n    if (this.sessionCount >= this.config.maxSessions) {\n      this.commandsRejected.sessionLimit++;\n      return false;\n    }\n    this.sessionCount++;\n    return true;\n  }\n\n  /**\n   * Release a reserved session slot (used if session creation fails after reservation).\n   * Tracks double-unregister as error metric instead of silently masking.\n   */\n  releaseSessionSlot(): void {\n    this.sessionCount--;\n    if (this.sessionCount < 0) {\n      this.doubleUnregisterErrors++;\n      this.sessionCount = 0;\n      console.error(\n        \"[ResourceGovernor] ERROR: releaseSessionSlot called with no active slots (double-unregister)\"\n      );\n    }\n  }\n\n  /**\n   * Check if a new session can be created.\n   * @deprecated Use tryReserveSessionSlot for atomic operation. Will be removed in v2.0.0.\n   */\n  canCreateSession(): GovernorResult {\n    if (this.sessionCount >= this.config.maxSessions) {\n      this.commandsRejected.sessionLimit++;\n      return {\n        allowed: false,\n        reason: `Session limit reached (${this.config.maxSessions} sessions)`,\n      };\n    }\n    return { allowed: true };\n  }\n\n  /**\n   * Register a new session.\n   * @deprecated Use tryReserveSessionSlot for atomic operation. Will be removed in v2.0.0.\n   */\n  registerSession(sessionId: string): void {\n    this.sessionCount++;\n    this.recordHeartbeat(sessionId);\n  }\n\n  /**\n   * Unregister a session. Call AFTER session is deleted.\n   * Also cleans up rate limit timestamps for this session.\n   */\n  unregisterSession(sessionId: string): void {\n    this.sessionCount--;\n    if (this.sessionCount < 0) {\n      this.doubleUnregisterErrors++;\n      this.sessionCount = 0;\n      console.error(\n        `[ResourceGovernor] ERROR: unregisterSession('${sessionId}') called with no active slots (double-unregister)`\n      );\n    }\n    this.lastHeartbeat.delete(sessionId);\n    this.sessionCreatedAt.delete(sessionId);\n    this.commandTimestamps.delete(sessionId);\n  }\n\n  /**\n   * Get current session count.\n   */\n  getSessionCount(): number {\n    return this.sessionCount;\n  }\n\n  // ==========================================================================\n  // CONNECTION LIMITS\n  // ==========================================================================\n\n  /**\n   * Check if a new connection can be accepted.\n   */\n  canAcceptConnection(): GovernorResult {\n    if (this.connectionCount >= this.config.maxConnections) {\n      this.commandsRejected.connectionLimit++;\n      return {\n        allowed: false,\n        reason: `Connection limit reached (${this.config.maxConnections} connections)`,\n      };\n    }\n    return { allowed: true };\n  }\n\n  /**\n   * Register a new connection.\n   */\n  registerConnection(): void {\n    this.connectionCount++;\n  }\n\n  /**\n   * Unregister a connection.\n   * Tracks double-unregister as error metric instead of silently masking.\n   */\n  unregisterConnection(): void {\n    this.connectionCount--;\n    if (this.connectionCount < 0) {\n      this.doubleUnregisterErrors++;\n      this.connectionCount = 0;\n      console.error(\n        \"[ResourceGovernor] ERROR: unregisterConnection called with no active connections (double-unregister)\"\n      );\n    }\n  }\n\n  /**\n   * Get current connection count.\n   */\n  getConnectionCount(): number {\n    return this.connectionCount;\n  }\n\n  // ==========================================================================\n  // MESSAGE SIZE LIMITS\n  // ==========================================================================\n\n  /**\n   * Check if a message of the given size can be accepted.\n   * Rejects negative sizes, NaN, and sizes exceeding the limit.\n   */\n  canAcceptMessage(sizeBytes: number): GovernorResult {\n    if (!Number.isFinite(sizeBytes) || sizeBytes < 0) {\n      this.commandsRejected.messageSize++;\n      return {\n        allowed: false,\n        reason: `Invalid message size: ${sizeBytes}`,\n      };\n    }\n\n    if (sizeBytes > this.config.maxMessageSizeBytes) {\n      this.commandsRejected.messageSize++;\n      return {\n        allowed: false,\n        reason: `Message size ${sizeBytes} exceeds limit ${this.config.maxMessageSizeBytes}`,\n      };\n    }\n    return { allowed: true };\n  }\n\n  // ==========================================================================\n  // RATE LIMITING\n  // ==========================================================================\n\n  /**\n   * Check if a command can be executed for the given session.\n   * Implements sliding window rate limiting (both per-session and global).\n   *\n   * @returns The generation marker for refund, or rejection result\n   */\n  canExecuteCommand(sessionId: string): GovernorResult & { generation?: number } {\n    const now = Date.now();\n    const windowStart = now - RATE_WINDOW_MS;\n\n    // Auto-cleanup if global timestamps exceed threshold\n    if (this.globalCommandTimestamps.length > TIMESTAMP_CLEANUP_THRESHOLD) {\n      this.globalCommandTimestamps = this.globalCommandTimestamps.filter(\n        (e) => e.timestamp > windowStart\n      );\n    } else {\n      // Normal filter\n      this.globalCommandTimestamps = this.globalCommandTimestamps.filter(\n        (e) => e.timestamp > windowStart\n      );\n    }\n\n    // Check global rate limit first\n    if (this.globalCommandTimestamps.length >= this.config.maxGlobalCommandsPerMinute) {\n      this.commandsRejected.globalRateLimit++;\n      return {\n        allowed: false,\n        reason: `Global rate limit exceeded (${this.config.maxGlobalCommandsPerMinute} commands/minute)`,\n      };\n    }\n\n    // Check per-session rate limit\n    let entries = this.commandTimestamps.get(sessionId);\n    if (!entries) {\n      entries = [];\n      this.commandTimestamps.set(sessionId, entries);\n    } else {\n      entries = entries.filter((e) => e.timestamp > windowStart);\n      this.commandTimestamps.set(sessionId, entries);\n    }\n\n    if (entries.length >= this.config.maxCommandsPerMinute) {\n      this.commandsRejected.rateLimit++;\n      return {\n        allowed: false,\n        reason: `Rate limit exceeded (${this.config.maxCommandsPerMinute} commands/minute)`,\n      };\n    }\n\n    // Record this command with unique generation marker\n    const generation = this.nextGeneration();\n    const entry: RateLimitEntry = { timestamp: now, generation };\n    entries.push(entry);\n    this.globalCommandTimestamps.push(entry);\n    this.totalCommandsExecuted++;\n\n    return { allowed: true, generation };\n  }\n\n  /**\n   * Refund a previously counted command (e.g. command failed before execution).\n   * Uses generation marker to ensure correct entry is removed.\n   */\n  refundCommand(sessionId: string, generation: number): void {\n    const sessionEntries = this.commandTimestamps.get(sessionId);\n    if (!sessionEntries) {\n      return;\n    }\n\n    // Find and remove the entry with matching generation\n    const sessionIdx = sessionEntries.findIndex((e) => e.generation === generation);\n    if (sessionIdx === -1) {\n      return; // Already removed or never existed\n    }\n\n    sessionEntries.splice(sessionIdx, 1);\n    if (sessionEntries.length === 0) {\n      this.commandTimestamps.delete(sessionId);\n    }\n\n    // Remove from global timestamps using generation marker\n    const globalIdx = this.globalCommandTimestamps.findIndex((e) => e.generation === generation);\n    if (globalIdx !== -1) {\n      this.globalCommandTimestamps.splice(globalIdx, 1);\n    }\n\n    if (this.totalCommandsExecuted > 0) {\n      this.totalCommandsExecuted--;\n    }\n  }\n\n  /**\n   * Get current rate limit usage for observability.\n   */\n  getRateLimitUsage(sessionId: string): { session: number; global: number } {\n    const now = Date.now();\n    const windowStart = now - RATE_WINDOW_MS;\n\n    const sessionCount =\n      this.commandTimestamps.get(sessionId)?.filter((e) => e.timestamp > windowStart).length ?? 0;\n    const globalCount = this.globalCommandTimestamps.filter(\n      (e) => e.timestamp > windowStart\n    ).length;\n\n    return {\n      session: sessionCount,\n      global: globalCount,\n    };\n  }\n\n  // ==========================================================================\n  // EXTENSION UI RESPONSE RATE LIMITING\n  // ==========================================================================\n\n  /**\n   * Check if an extension_ui_response command can be executed for the given session.\n   * This is a separate, more restrictive rate limit to prevent abuse of UI responses.\n   */\n  canExecuteExtensionUIResponse(sessionId: string): GovernorResult {\n    const now = Date.now();\n    const windowStart = now - RATE_WINDOW_MS;\n\n    let entries = this.extensionUIResponseTimestamps.get(sessionId);\n    if (!entries) {\n      entries = [];\n      this.extensionUIResponseTimestamps.set(sessionId, entries);\n    } else {\n      entries = entries.filter((e) => e.timestamp > windowStart);\n      this.extensionUIResponseTimestamps.set(sessionId, entries);\n    }\n\n    if (entries.length >= this.config.maxExtensionUIResponsePerMinute) {\n      this.commandsRejected.extensionUIResponseRateLimit++;\n      return {\n        allowed: false,\n        reason: `Extension UI response rate limit exceeded (${this.config.maxExtensionUIResponsePerMinute} responses/minute)`,\n      };\n    }\n\n    // Record this response with generation marker\n    const generation = this.nextGeneration();\n    entries.push({ timestamp: now, generation });\n    return { allowed: true };\n  }\n\n  // ==========================================================================\n  // HEARTBEAT / ZOMBIE DETECTION\n  // ==========================================================================\n\n  /**\n   * Record a heartbeat for a session.\n   * Also tracks session creation time for lifetime enforcement.\n   */\n  recordHeartbeat(sessionId: string): void {\n    const now = Date.now();\n    this.lastHeartbeat.set(sessionId, now);\n    // Track creation time if this is a new session\n    if (!this.sessionCreatedAt.has(sessionId)) {\n      this.sessionCreatedAt.set(sessionId, now);\n    }\n  }\n\n  /**\n   * Get list of zombie session IDs.\n   *\n   * @param recordDetection Whether to increment zombie detection metrics.\n   */\n  getZombieSessions(recordDetection = true): string[] {\n    const now = Date.now();\n    const zombies: string[] = [];\n\n    for (const [sessionId, lastTime] of this.lastHeartbeat) {\n      if (now - lastTime > this.config.zombieTimeoutMs) {\n        zombies.push(sessionId);\n      }\n    }\n\n    if (recordDetection && zombies.length > 0) {\n      this.zombieSessionsDetected += zombies.length;\n    }\n\n    return zombies;\n  }\n\n  /**\n   * Clean up zombie sessions. Returns IDs of cleaned sessions.\n   * Call this periodically or when you want to force cleanup.\n   */\n  cleanupZombieSessions(): string[] {\n    const zombies = this.getZombieSessions();\n    for (const sessionId of zombies) {\n      this.lastHeartbeat.delete(sessionId);\n      this.commandTimestamps.delete(sessionId);\n    }\n    if (zombies.length > 0) {\n      this.zombieSessionsCleaned += zombies.length;\n    }\n    return zombies;\n  }\n\n  /**\n   * Get the last heartbeat time for a session.\n   */\n  getLastHeartbeat(sessionId: string): number | undefined {\n    return this.lastHeartbeat.get(sessionId);\n  }\n\n  // ==========================================================================\n  // METRICS\n  // ==========================================================================\n\n  /**\n   * Get current metrics for observability.\n   */\n  getMetrics(): GovernorMetrics {\n    const now = Date.now();\n    const windowStart = now - RATE_WINDOW_MS;\n    const globalCount = this.globalCommandTimestamps.filter(\n      (e) => e.timestamp > windowStart\n    ).length;\n\n    return {\n      sessionCount: this.sessionCount,\n      connectionCount: this.connectionCount,\n      totalCommandsExecuted: this.totalCommandsExecuted,\n      commandsRejected: { ...this.commandsRejected },\n      zombieSessionsDetected: this.zombieSessionsDetected,\n      zombieSessionsCleaned: this.zombieSessionsCleaned,\n      doubleUnregisterErrors: this.doubleUnregisterErrors,\n      rateLimitUsage: {\n        globalCount,\n        globalLimit: this.config.maxGlobalCommandsPerMinute,\n      },\n    };\n  }\n\n  /**\n   * Check if the server is healthy.\n   */\n  isHealthy(): { healthy: boolean; issues: string[] } {\n    const issues: string[] = [];\n\n    if (this.sessionCount >= this.config.maxSessions * 0.9) {\n      issues.push(`Session count at ${this.sessionCount}/${this.config.maxSessions} (90%+)`);\n    }\n    if (this.connectionCount >= this.config.maxConnections * 0.9) {\n      issues.push(\n        `Connection count at ${this.connectionCount}/${this.config.maxConnections} (90%+)`\n      );\n    }\n\n    const zombies = this.getZombieSessions(false);\n    if (zombies.length > 0) {\n      issues.push(`${zombies.length} zombie sessions detected`);\n    }\n\n    return {\n      healthy: issues.length === 0,\n      issues,\n    };\n  }\n\n  /**\n   * Reset metrics (useful for testing).\n   */\n  resetMetrics(): void {\n    this.totalCommandsExecuted = 0;\n    this.commandsRejected = {\n      sessionLimit: 0,\n      messageSize: 0,\n      rateLimit: 0,\n      globalRateLimit: 0,\n      connectionLimit: 0,\n      extensionUIResponseRateLimit: 0,\n    };\n    this.zombieSessionsDetected = 0;\n    this.zombieSessionsCleaned = 0;\n  }\n\n  // ==========================================================================\n  // CLEANUP\n  // ==========================================================================\n\n  /**\n   * Clean up stale rate limit data.\n   * Also cleans extensionUIResponseTimestamps.\n   */\n  cleanupStaleTimestamps(): void {\n    const now = Date.now();\n    const windowStart = now - RATE_WINDOW_MS;\n\n    this.globalCommandTimestamps = this.globalCommandTimestamps.filter(\n      (e) => e.timestamp > windowStart\n    );\n\n    for (const [sessionId, entries] of this.commandTimestamps) {\n      const filtered = entries.filter((e) => e.timestamp > windowStart);\n      if (filtered.length === 0) {\n        this.commandTimestamps.delete(sessionId);\n      } else {\n        this.commandTimestamps.set(sessionId, filtered);\n      }\n    }\n\n    // Also clean extension UI response timestamps\n    for (const [sessionId, entries] of this.extensionUIResponseTimestamps) {\n      const filtered = entries.filter((e) => e.timestamp > windowStart);\n      if (filtered.length === 0) {\n        this.extensionUIResponseTimestamps.delete(sessionId);\n      } else {\n        this.extensionUIResponseTimestamps.set(sessionId, filtered);\n      }\n    }\n  }\n\n  /**\n   * Start periodic cleanup of stale timestamps.\n   * Call this during server startup to prevent memory leaks from inactive sessions.\n   * @param intervalMs Cleanup interval (default: 5 minutes)\n   */\n  startPeriodicCleanup(intervalMs = DEFAULT_TIMESTAMP_CLEANUP_INTERVAL_MS): void {\n    if (this.cleanupTimer) {\n      return; // Already running\n    }\n\n    this.cleanupTimer = setInterval(() => {\n      this.cleanupStaleTimestamps();\n    }, intervalMs);\n\n    // Don't prevent process exit\n    if (this.cleanupTimer.unref) {\n      this.cleanupTimer.unref();\n    }\n  }\n\n  /**\n   * Stop periodic cleanup.\n   */\n  stopPeriodicCleanup(): void {\n    if (this.cleanupTimer) {\n      clearInterval(this.cleanupTimer);\n      this.cleanupTimer = null;\n    }\n  }\n\n  /**\n   * Clean up stale data for deleted sessions.\n   */\n  cleanupStaleData(activeSessionIds: Set<string>): void {\n    for (const sessionId of this.commandTimestamps.keys()) {\n      if (!activeSessionIds.has(sessionId)) {\n        this.commandTimestamps.delete(sessionId);\n      }\n    }\n\n    for (const sessionId of this.lastHeartbeat.keys()) {\n      if (!activeSessionIds.has(sessionId)) {\n        this.lastHeartbeat.delete(sessionId);\n      }\n    }\n\n    for (const sessionId of this.sessionCreatedAt.keys()) {\n      if (!activeSessionIds.has(sessionId)) {\n        this.sessionCreatedAt.delete(sessionId);\n      }\n    }\n\n    for (const sessionId of this.extensionUIResponseTimestamps.keys()) {\n      if (!activeSessionIds.has(sessionId)) {\n        this.extensionUIResponseTimestamps.delete(sessionId);\n      }\n    }\n  }\n\n  // ==========================================================================\n  // SESSION LIFETIME\n  // ==========================================================================\n\n  /**\n   * Get list of expired session IDs (exceeded maxSessionLifetimeMs).\n   * Returns empty array if maxSessionLifetimeMs is 0 (unlimited).\n   */\n  getExpiredSessions(): string[] {\n    if (this.config.maxSessionLifetimeMs === 0) {\n      return [];\n    }\n\n    const now = Date.now();\n    const expired: string[] = [];\n\n    for (const [sessionId, createdAt] of this.sessionCreatedAt) {\n      if (now - createdAt > this.config.maxSessionLifetimeMs) {\n        expired.push(sessionId);\n      }\n    }\n\n    return expired;\n  }\n\n  /**\n   * Get the creation time for a session.\n   */\n  getSessionCreatedAt(sessionId: string): number | undefined {\n    return this.sessionCreatedAt.get(sessionId);\n  }\n}\n"],
+  "mappings": "AAcA,SAAS,mBAAmB;AA2BrB,MAAM,iBAAyC;AAAA,EACpD,aAAa;AAAA,EACb,qBAAqB,KAAK,OAAO;AAAA;AAAA,EACjC,sBAAsB;AAAA,EACtB,4BAA4B;AAAA,EAC5B,gBAAgB;AAAA,EAChB,qBAAqB;AAAA,EACrB,iBAAiB,IAAI,KAAK;AAAA;AAAA,EAC1B,iCAAiC;AAAA;AAAA,EACjC,sBAAsB,KAAK,KAAK,KAAK;AAAA;AACvC;AAgDA,MAAM,8BAA8B;AAGpC,MAAM,iBAAiB;AAGvB,MAAM,wCAAwC,IAAI,KAAK;AAGvD,MAAM,wBAAwB;AAG9B,MAAM,iBAAiB;AAGvB,MAAM,qBAAqB;AAG3B,MAAM,0BAA0B,CAAC,QAAQ,IAAI;AAyBtC,MAAM,iBAAiB;AAAA,EA2B5B,YACU,SAAiC,gBACjC,SACR;AAFQ;AACA;AAAA,EACP;AAAA,EA7BK,eAAe;AAAA,EACf,kBAAkB;AAAA,EAClB,oBAAoB,oBAAI,IAA8B;AAAA,EACtD,0BAA4C,CAAC;AAAA,EAC7C,gCAAgC,oBAAI,IAA8B;AAAA,EAClE,gBAAgB,oBAAI,IAAoB;AAAA,EACxC,mBAAmB,oBAAI,IAAoB;AAAA,EAC3C,wBAAwB;AAAA,EACxB,mBAAmB;AAAA,IACzB,cAAc;AAAA,IACd,aAAa;AAAA,IACb,WAAW;AAAA,IACX,iBAAiB;AAAA,IACjB,iBAAiB;AAAA,IACjB,8BAA8B;AAAA,EAChC;AAAA,EACQ,yBAAyB;AAAA,EACzB,wBAAwB;AAAA,EACxB,yBAAyB;AAAA;AAAA,EAGzB,oBAAoB;AAAA;AAAA,EAGpB,eAAsC;AAAA;AAAA;AAAA;AAAA;AAAA,EAW9C,WAAW,SAA+B;AACxC,SAAK,UAAU;AAAA,EACjB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMQ,iBAAyB;AAC/B,UAAM,aAAa,EAAE,KAAK;AAG1B,QAAI,KAAK,WAAW,aAAa,QAAS,GAAG;AAC3C,WAAK,QAAQ,MAAM,YAAY,+BAA+B,UAAU;AAAA,IAC1E;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAMA,YAA8C;AAC5C,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,kBAAkB,WAAkC;AAClD,QAAI,CAAC,aAAa,OAAO,cAAc,UAAU;AAC/C,aAAO;AAAA,IACT;AACA,QAAI,UAAU,SAAS,uBAAuB;AAC5C,aAAO,4BAA4B,qBAAqB;AAAA,IAC1D;AACA,QAAI,CAAC,mBAAmB,KAAK,SAAS,GAAG;AACvC,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,YAAY,KAA4B;AACtC,QAAI,CAAC,OAAO,OAAO,QAAQ,UAAU;AACnC,aAAO;AAAA,IACT;AACA,QAAI,IAAI,SAAS,gBAAgB;AAC/B,aAAO,qBAAqB,cAAc;AAAA,IAC5C;AACA,eAAW,WAAW,yBAAyB;AAC7C,UAAI,QAAQ,KAAK,GAAG,GAAG;AACrB,eAAO;AAAA,MACT;AAAA,IACF;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,wBAAiC;AAC/B,QAAI,KAAK,gBAAgB,KAAK,OAAO,aAAa;AAChD,WAAK,iBAAiB;AACtB,aAAO;AAAA,IACT;AACA,SAAK;AACL,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,qBAA2B;AACzB,SAAK;AACL,QAAI,KAAK,eAAe,GAAG;AACzB,WAAK;AACL,WAAK,eAAe;AACpB,cAAQ;AAAA,QACN;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,mBAAmC;AACjC,QAAI,KAAK,gBAAgB,KAAK,OAAO,aAAa;AAChD,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,0BAA0B,KAAK,OAAO,WAAW;AAAA,MAC3D;AAAA,IACF;AACA,WAAO,EAAE,SAAS,KAAK;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,gBAAgB,WAAyB;AACvC,SAAK;AACL,SAAK,gBAAgB,SAAS;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,kBAAkB,WAAyB;AACzC,SAAK;AACL,QAAI,KAAK,eAAe,GAAG;AACzB,WAAK;AACL,WAAK,eAAe;AACpB,cAAQ;AAAA,QACN,gDAAgD,SAAS;AAAA,MAC3D;AAAA,IACF;AACA,SAAK,cAAc,OAAO,SAAS;AACnC,SAAK,iBAAiB,OAAO,SAAS;AACtC,SAAK,kBAAkB,OAAO,SAAS;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA,EAKA,kBAA0B;AACxB,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,sBAAsC;AACpC,QAAI,KAAK,mBAAmB,KAAK,OAAO,gBAAgB;AACtD,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,6BAA6B,KAAK,OAAO,cAAc;AAAA,MACjE;AAAA,IACF;AACA,WAAO,EAAE,SAAS,KAAK;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,qBAA2B;AACzB,SAAK;AAAA,EACP;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,uBAA6B;AAC3B,SAAK;AACL,QAAI,KAAK,kBAAkB,GAAG;AAC5B,WAAK;AACL,WAAK,kBAAkB;AACvB,cAAQ;AAAA,QACN;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,qBAA6B;AAC3B,WAAO,KAAK;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,iBAAiB,WAAmC;AAClD,QAAI,CAAC,OAAO,SAAS,SAAS,KAAK,YAAY,GAAG;AAChD,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,yBAAyB,SAAS;AAAA,MAC5C;AAAA,IACF;AAEA,QAAI,YAAY,KAAK,OAAO,qBAAqB;AAC/C,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,gBAAgB,SAAS,kBAAkB,KAAK,OAAO,mBAAmB;AAAA,MACpF;AAAA,IACF;AACA,WAAO,EAAE,SAAS,KAAK;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,kBAAkB,WAA6D;AAC7E,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,cAAc,MAAM;AAG1B,QAAI,KAAK,wBAAwB,SAAS,6BAA6B;AACrE,WAAK,0BAA0B,KAAK,wBAAwB;AAAA,QAC1D,CAAC,MAAM,EAAE,YAAY;AAAA,MACvB;AAAA,IACF,OAAO;AAEL,WAAK,0BAA0B,KAAK,wBAAwB;AAAA,QAC1D,CAAC,MAAM,EAAE,YAAY;AAAA,MACvB;AAAA,IACF;AAGA,QAAI,KAAK,wBAAwB,UAAU,KAAK,OAAO,4BAA4B;AACjF,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,+BAA+B,KAAK,OAAO,0BAA0B;AAAA,MAC/E;AAAA,IACF;AAGA,QAAI,UAAU,KAAK,kBAAkB,IAAI,SAAS;AAClD,QAAI,CAAC,SAAS;AACZ,gBAAU,CAAC;AACX,WAAK,kBAAkB,IAAI,WAAW,OAAO;AAAA,IAC/C,OAAO;AACL,gBAAU,QAAQ,OAAO,CAAC,MAAM,EAAE,YAAY,WAAW;AACzD,WAAK,kBAAkB,IAAI,WAAW,OAAO;AAAA,IAC/C;AAEA,QAAI,QAAQ,UAAU,KAAK,OAAO,sBAAsB;AACtD,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,wBAAwB,KAAK,OAAO,oBAAoB;AAAA,MAClE;AAAA,IACF;AAGA,UAAM,aAAa,KAAK,eAAe;AACvC,UAAM,QAAwB,EAAE,WAAW,KAAK,WAAW;AAC3D,YAAQ,KAAK,KAAK;AAClB,SAAK,wBAAwB,KAAK,KAAK;AACvC,SAAK;AAEL,WAAO,EAAE,SAAS,MAAM,WAAW;AAAA,EACrC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,cAAc,WAAmB,YAA0B;AACzD,UAAM,iBAAiB,KAAK,kBAAkB,IAAI,SAAS;AAC3D,QAAI,CAAC,gBAAgB;AACnB;AAAA,IACF;AAGA,UAAM,aAAa,eAAe,UAAU,CAAC,MAAM,EAAE,eAAe,UAAU;AAC9E,QAAI,eAAe,IAAI;AACrB;AAAA,IACF;AAEA,mBAAe,OAAO,YAAY,CAAC;AACnC,QAAI,eAAe,WAAW,GAAG;AAC/B,WAAK,kBAAkB,OAAO,SAAS;AAAA,IACzC;AAGA,UAAM,YAAY,KAAK,wBAAwB,UAAU,CAAC,MAAM,EAAE,eAAe,UAAU;AAC3F,QAAI,cAAc,IAAI;AACpB,WAAK,wBAAwB,OAAO,WAAW,CAAC;AAAA,IAClD;AAEA,QAAI,KAAK,wBAAwB,GAAG;AAClC,WAAK;AAAA,IACP;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,kBAAkB,WAAwD;AACxE,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,cAAc,MAAM;AAE1B,UAAM,eACJ,KAAK,kBAAkB,IAAI,SAAS,GAAG,OAAO,CAAC,MAAM,EAAE,YAAY,WAAW,EAAE,UAAU;AAC5F,UAAM,cAAc,KAAK,wBAAwB;AAAA,MAC/C,CAAC,MAAM,EAAE,YAAY;AAAA,IACvB,EAAE;AAEF,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ;AAAA,IACV;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,8BAA8B,WAAmC;AAC/D,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,cAAc,MAAM;AAE1B,QAAI,UAAU,KAAK,8BAA8B,IAAI,SAAS;AAC9D,QAAI,CAAC,SAAS;AACZ,gBAAU,CAAC;AACX,WAAK,8BAA8B,IAAI,WAAW,OAAO;AAAA,IAC3D,OAAO;AACL,gBAAU,QAAQ,OAAO,CAAC,MAAM,EAAE,YAAY,WAAW;AACzD,WAAK,8BAA8B,IAAI,WAAW,OAAO;AAAA,IAC3D;AAEA,QAAI,QAAQ,UAAU,KAAK,OAAO,iCAAiC;AACjE,WAAK,iBAAiB;AACtB,aAAO;AAAA,QACL,SAAS;AAAA,QACT,QAAQ,8CAA8C,KAAK,OAAO,+BAA+B;AAAA,MACnG;AAAA,IACF;AAGA,UAAM,aAAa,KAAK,eAAe;AACvC,YAAQ,KAAK,EAAE,WAAW,KAAK,WAAW,CAAC;AAC3C,WAAO,EAAE,SAAS,KAAK;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,gBAAgB,WAAyB;AACvC,UAAM,MAAM,KAAK,IAAI;AACrB,SAAK,cAAc,IAAI,WAAW,GAAG;AAErC,QAAI,CAAC,KAAK,iBAAiB,IAAI,SAAS,GAAG;AACzC,WAAK,iBAAiB,IAAI,WAAW,GAAG;AAAA,IAC1C;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,kBAAkB,kBAAkB,MAAgB;AAClD,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,UAAoB,CAAC;AAE3B,eAAW,CAAC,WAAW,QAAQ,KAAK,KAAK,eAAe;AACtD,UAAI,MAAM,WAAW,KAAK,OAAO,iBAAiB;AAChD,gBAAQ,KAAK,SAAS;AAAA,MACxB;AAAA,IACF;AAEA,QAAI,mBAAmB,QAAQ,SAAS,GAAG;AACzC,WAAK,0BAA0B,QAAQ;AAAA,IACzC;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,wBAAkC;AAChC,UAAM,UAAU,KAAK,kBAAkB;AACvC,eAAW,aAAa,SAAS;AAC/B,WAAK,cAAc,OAAO,SAAS;AACnC,WAAK,kBAAkB,OAAO,SAAS;AAAA,IACzC;AACA,QAAI,QAAQ,SAAS,GAAG;AACtB,WAAK,yBAAyB,QAAQ;AAAA,IACxC;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,iBAAiB,WAAuC;AACtD,WAAO,KAAK,cAAc,IAAI,SAAS;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,aAA8B;AAC5B,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,cAAc,MAAM;AAC1B,UAAM,cAAc,KAAK,wBAAwB;AAAA,MAC/C,CAAC,MAAM,EAAE,YAAY;AAAA,IACvB,EAAE;AAEF,WAAO;AAAA,MACL,cAAc,KAAK;AAAA,MACnB,iBAAiB,KAAK;AAAA,MACtB,uBAAuB,KAAK;AAAA,MAC5B,kBAAkB,EAAE,GAAG,KAAK,iBAAiB;AAAA,MAC7C,wBAAwB,KAAK;AAAA,MAC7B,uBAAuB,KAAK;AAAA,MAC5B,wBAAwB,KAAK;AAAA,MAC7B,gBAAgB;AAAA,QACd;AAAA,QACA,aAAa,KAAK,OAAO;AAAA,MAC3B;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,YAAoD;AAClD,UAAM,SAAmB,CAAC;AAE1B,QAAI,KAAK,gBAAgB,KAAK,OAAO,cAAc,KAAK;AACtD,aAAO,KAAK,oBAAoB,KAAK,YAAY,IAAI,KAAK,OAAO,WAAW,SAAS;AAAA,IACvF;AACA,QAAI,KAAK,mBAAmB,KAAK,OAAO,iBAAiB,KAAK;AAC5D,aAAO;AAAA,QACL,uBAAuB,KAAK,eAAe,IAAI,KAAK,OAAO,cAAc;AAAA,MAC3E;AAAA,IACF;AAEA,UAAM,UAAU,KAAK,kBAAkB,KAAK;AAC5C,QAAI,QAAQ,SAAS,GAAG;AACtB,aAAO,KAAK,GAAG,QAAQ,MAAM,2BAA2B;AAAA,IAC1D;AAEA,WAAO;AAAA,MACL,SAAS,OAAO,WAAW;AAAA,MAC3B;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,eAAqB;AACnB,SAAK,wBAAwB;AAC7B,SAAK,mBAAmB;AAAA,MACtB,cAAc;AAAA,MACd,aAAa;AAAA,MACb,WAAW;AAAA,MACX,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,8BAA8B;AAAA,IAChC;AACA,SAAK,yBAAyB;AAC9B,SAAK,wBAAwB;AAAA,EAC/B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,yBAA+B;AAC7B,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,cAAc,MAAM;AAE1B,SAAK,0BAA0B,KAAK,wBAAwB;AAAA,MAC1D,CAAC,MAAM,EAAE,YAAY;AAAA,IACvB;AAEA,eAAW,CAAC,WAAW,OAAO,KAAK,KAAK,mBAAmB;AACzD,YAAM,WAAW,QAAQ,OAAO,CAAC,MAAM,EAAE,YAAY,WAAW;AAChE,UAAI,SAAS,WAAW,GAAG;AACzB,aAAK,kBAAkB,OAAO,SAAS;AAAA,MACzC,OAAO;AACL,aAAK,kBAAkB,IAAI,WAAW,QAAQ;AAAA,MAChD;AAAA,IACF;AAGA,eAAW,CAAC,WAAW,OAAO,KAAK,KAAK,+BAA+B;AACrE,YAAM,WAAW,QAAQ,OAAO,CAAC,MAAM,EAAE,YAAY,WAAW;AAChE,UAAI,SAAS,WAAW,GAAG;AACzB,aAAK,8BAA8B,OAAO,SAAS;AAAA,MACrD,OAAO;AACL,aAAK,8BAA8B,IAAI,WAAW,QAAQ;AAAA,MAC5D;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,qBAAqB,aAAa,uCAA6C;AAC7E,QAAI,KAAK,cAAc;AACrB;AAAA,IACF;AAEA,SAAK,eAAe,YAAY,MAAM;AACpC,WAAK,uBAAuB;AAAA,IAC9B,GAAG,UAAU;AAGb,QAAI,KAAK,aAAa,OAAO;AAC3B,WAAK,aAAa,MAAM;AAAA,IAC1B;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,sBAA4B;AAC1B,QAAI,KAAK,cAAc;AACrB,oBAAc,KAAK,YAAY;AAC/B,WAAK,eAAe;AAAA,IACtB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,iBAAiB,kBAAqC;AACpD,eAAW,aAAa,KAAK,kBAAkB,KAAK,GAAG;AACrD,UAAI,CAAC,iBAAiB,IAAI,SAAS,GAAG;AACpC,aAAK,kBAAkB,OAAO,SAAS;AAAA,MACzC;AAAA,IACF;AAEA,eAAW,aAAa,KAAK,cAAc,KAAK,GAAG;AACjD,UAAI,CAAC,iBAAiB,IAAI,SAAS,GAAG;AACpC,aAAK,cAAc,OAAO,SAAS;AAAA,MACrC;AAAA,IACF;AAEA,eAAW,aAAa,KAAK,iBAAiB,KAAK,GAAG;AACpD,UAAI,CAAC,iBAAiB,IAAI,SAAS,GAAG;AACpC,aAAK,iBAAiB,OAAO,SAAS;AAAA,MACxC;AAAA,IACF;AAEA,eAAW,aAAa,KAAK,8BAA8B,KAAK,GAAG;AACjE,UAAI,CAAC,iBAAiB,IAAI,SAAS,GAAG;AACpC,aAAK,8BAA8B,OAAO,SAAS;AAAA,MACrD;AAAA,IACF;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,qBAA+B;AAC7B,QAAI,KAAK,OAAO,yBAAyB,GAAG;AAC1C,aAAO,CAAC;AAAA,IACV;AAEA,UAAM,MAAM,KAAK,IAAI;AACrB,UAAM,UAAoB,CAAC;AAE3B,eAAW,CAAC,WAAW,SAAS,KAAK,KAAK,kBAAkB;AAC1D,UAAI,MAAM,YAAY,KAAK,OAAO,sBAAsB;AACtD,gBAAQ,KAAK,SAAS;AAAA,MACxB;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,oBAAoB,WAAuC;AACzD,WAAO,KAAK,iBAAiB,IAAI,SAAS;AAAA,EAC5C;AACF;",
+  "names": []
+}