studiograph 1.3.47 → 1.3.48-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1067) hide show
  1. package/README.md +26 -16
  2. package/dist/agent/agent-pool.d.ts +117 -0
  3. package/dist/agent/agent-pool.js +287 -0
  4. package/dist/agent/agent-pool.js.map +1 -0
  5. package/dist/agent/followups.d.ts +34 -0
  6. package/dist/agent/followups.js +52 -0
  7. package/dist/agent/followups.js.map +1 -0
  8. package/dist/agent/orchestrator.d.ts +113 -22
  9. package/dist/agent/orchestrator.js +573 -181
  10. package/dist/agent/orchestrator.js.map +1 -1
  11. package/dist/agent/prompts/entity-types-section.d.ts +36 -0
  12. package/dist/agent/prompts/entity-types-section.js +90 -0
  13. package/dist/agent/prompts/entity-types-section.js.map +1 -0
  14. package/dist/agent/prompts/system.md +148 -69
  15. package/dist/agent/skill-loader.d.ts +30 -17
  16. package/dist/agent/skill-loader.js +63 -30
  17. package/dist/agent/skill-loader.js.map +1 -1
  18. package/dist/agent/skills/entity-schema.md +77 -433
  19. package/dist/agent/skills/interview/entity-templates.md +193 -0
  20. package/dist/agent/skills/interview/question-domains.md +391 -0
  21. package/dist/agent/skills/interview/skill.md +204 -0
  22. package/dist/agent/skills/schema-rules.md +54 -0
  23. package/dist/agent/tools/capture-tools.d.ts +31 -0
  24. package/dist/agent/tools/capture-tools.js +40 -0
  25. package/dist/agent/tools/capture-tools.js.map +1 -0
  26. package/dist/agent/tools/folder-tools.d.ts +47 -0
  27. package/dist/agent/tools/folder-tools.js +249 -0
  28. package/dist/agent/tools/folder-tools.js.map +1 -0
  29. package/dist/agent/tools/fs-tools.d.ts +7 -6
  30. package/dist/agent/tools/fs-tools.js +5 -4
  31. package/dist/agent/tools/fs-tools.js.map +1 -1
  32. package/dist/agent/tools/graph-tools.d.ts +21 -58
  33. package/dist/agent/tools/graph-tools.js +635 -332
  34. package/dist/agent/tools/graph-tools.js.map +1 -1
  35. package/dist/agent/tools/history-tools.d.ts +95 -0
  36. package/dist/agent/tools/history-tools.js +461 -0
  37. package/dist/agent/tools/history-tools.js.map +1 -0
  38. package/dist/agent/tools/load-skill.d.ts +6 -5
  39. package/dist/agent/tools/load-skill.js +3 -3
  40. package/dist/agent/tools/load-skill.js.map +1 -1
  41. package/dist/agent/tools/ops-tools.d.ts +5 -4
  42. package/dist/agent/tools/ops-tools.js +130 -236
  43. package/dist/agent/tools/ops-tools.js.map +1 -1
  44. package/dist/agent/tools/permission-tools.d.ts +87 -17
  45. package/dist/agent/tools/permission-tools.js +233 -38
  46. package/dist/agent/tools/permission-tools.js.map +1 -1
  47. package/dist/agent/tools/tool-loader.js +5 -4
  48. package/dist/agent/tools/tool-loader.js.map +1 -1
  49. package/dist/agent/tools/web-tools.d.ts +18 -0
  50. package/dist/agent/tools/web-tools.js +283 -0
  51. package/dist/agent/tools/web-tools.js.map +1 -0
  52. package/dist/cli/commands/about.d.ts +1 -0
  53. package/dist/cli/commands/about.js +55 -3
  54. package/dist/cli/commands/about.js.map +1 -1
  55. package/dist/cli/commands/admin/audit-workspace.d.ts +23 -0
  56. package/dist/cli/commands/admin/audit-workspace.js +133 -0
  57. package/dist/cli/commands/admin/audit-workspace.js.map +1 -0
  58. package/dist/cli/commands/admin/audit.d.ts +21 -0
  59. package/dist/cli/commands/admin/audit.js +174 -0
  60. package/dist/cli/commands/admin/audit.js.map +1 -0
  61. package/dist/cli/commands/admin/backup.d.ts +54 -0
  62. package/dist/cli/commands/admin/backup.js +207 -0
  63. package/dist/cli/commands/admin/backup.js.map +1 -0
  64. package/dist/cli/commands/admin/folder.d.ts +11 -0
  65. package/dist/cli/commands/admin/folder.js +186 -0
  66. package/dist/cli/commands/admin/folder.js.map +1 -0
  67. package/dist/cli/commands/admin/index.d.ts +16 -0
  68. package/dist/cli/commands/admin/index.js +46 -0
  69. package/dist/cli/commands/admin/index.js.map +1 -0
  70. package/dist/cli/commands/admin/migrate-assets.d.ts +53 -0
  71. package/dist/cli/commands/admin/migrate-assets.js +184 -0
  72. package/dist/cli/commands/admin/migrate-assets.js.map +1 -0
  73. package/dist/cli/commands/admin/migrate.d.ts +56 -0
  74. package/dist/cli/commands/admin/migrate.js +263 -0
  75. package/dist/cli/commands/admin/migrate.js.map +1 -0
  76. package/dist/cli/commands/admin/restore.d.ts +24 -0
  77. package/dist/cli/commands/admin/restore.js +228 -0
  78. package/dist/cli/commands/admin/restore.js.map +1 -0
  79. package/dist/cli/commands/admin/secrets.d.ts +23 -0
  80. package/dist/cli/commands/admin/secrets.js +256 -0
  81. package/dist/cli/commands/admin/secrets.js.map +1 -0
  82. package/dist/cli/commands/admin/settings.d.ts +28 -0
  83. package/dist/cli/commands/admin/settings.js +284 -0
  84. package/dist/cli/commands/admin/settings.js.map +1 -0
  85. package/dist/cli/commands/admin/token.d.ts +42 -0
  86. package/dist/cli/commands/admin/token.js +126 -0
  87. package/dist/cli/commands/admin/token.js.map +1 -0
  88. package/dist/cli/commands/admin/transfer-ownership.d.ts +15 -0
  89. package/dist/cli/commands/admin/transfer-ownership.js +106 -0
  90. package/dist/cli/commands/admin/transfer-ownership.js.map +1 -0
  91. package/dist/cli/commands/admin/user.d.ts +11 -0
  92. package/dist/cli/commands/admin/user.js +187 -0
  93. package/dist/cli/commands/admin/user.js.map +1 -0
  94. package/dist/cli/commands/clone.d.ts +25 -3
  95. package/dist/cli/commands/clone.js +142 -36
  96. package/dist/cli/commands/clone.js.map +1 -1
  97. package/dist/cli/commands/commit.d.ts +1 -1
  98. package/dist/cli/commands/commit.js +24 -11
  99. package/dist/cli/commands/commit.js.map +1 -1
  100. package/dist/cli/commands/config.d.ts +23 -107
  101. package/dist/cli/commands/config.js +52 -260
  102. package/dist/cli/commands/config.js.map +1 -1
  103. package/dist/cli/commands/connector.d.ts +10 -13
  104. package/dist/cli/commands/connector.js +16 -58
  105. package/dist/cli/commands/connector.js.map +1 -1
  106. package/dist/cli/commands/deploy.js +215 -68
  107. package/dist/cli/commands/deploy.js.map +1 -1
  108. package/dist/cli/commands/index.js +2 -2
  109. package/dist/cli/commands/index.js.map +1 -1
  110. package/dist/cli/commands/init.js +10 -30
  111. package/dist/cli/commands/init.js.map +1 -1
  112. package/dist/cli/commands/mcp.js +12 -4
  113. package/dist/cli/commands/mcp.js.map +1 -1
  114. package/dist/cli/commands/orphans.js +14 -30
  115. package/dist/cli/commands/orphans.js.map +1 -1
  116. package/dist/cli/commands/r2.d.ts +3 -0
  117. package/dist/cli/commands/r2.js +223 -204
  118. package/dist/cli/commands/r2.js.map +1 -1
  119. package/dist/cli/commands/redeploy.js +65 -12
  120. package/dist/cli/commands/redeploy.js.map +1 -1
  121. package/dist/cli/commands/reset.d.ts +22 -6
  122. package/dist/cli/commands/reset.js +142 -63
  123. package/dist/cli/commands/reset.js.map +1 -1
  124. package/dist/cli/commands/serve.js +209 -24
  125. package/dist/cli/commands/serve.js.map +1 -1
  126. package/dist/cli/commands/sync.d.ts +1 -1
  127. package/dist/cli/commands/sync.js +372 -202
  128. package/dist/cli/commands/sync.js.map +1 -1
  129. package/dist/cli/crypto-bundle.d.ts +39 -0
  130. package/dist/cli/crypto-bundle.js +94 -0
  131. package/dist/cli/crypto-bundle.js.map +1 -0
  132. package/dist/cli/index.js +24 -35
  133. package/dist/cli/index.js.map +1 -1
  134. package/dist/cli/railway-pin.d.ts +68 -0
  135. package/dist/cli/railway-pin.js +96 -0
  136. package/dist/cli/railway-pin.js.map +1 -0
  137. package/dist/cli/railway-provisioning.d.ts +53 -0
  138. package/dist/cli/railway-provisioning.js +85 -0
  139. package/dist/cli/railway-provisioning.js.map +1 -0
  140. package/dist/cli/setup-wizard.d.ts +33 -52
  141. package/dist/cli/setup-wizard.js +43 -68
  142. package/dist/cli/setup-wizard.js.map +1 -1
  143. package/dist/core/accent-palette.d.ts +22 -0
  144. package/dist/core/accent-palette.js +47 -0
  145. package/dist/core/accent-palette.js.map +1 -0
  146. package/dist/core/cell-anchor.d.ts +29 -0
  147. package/dist/core/cell-anchor.js +53 -0
  148. package/dist/core/cell-anchor.js.map +1 -0
  149. package/dist/core/comment-anchor.d.ts +41 -0
  150. package/dist/core/comment-anchor.js +147 -0
  151. package/dist/core/comment-anchor.js.map +1 -0
  152. package/dist/core/commit-messages.d.ts +57 -0
  153. package/dist/core/commit-messages.js +85 -0
  154. package/dist/core/commit-messages.js.map +1 -0
  155. package/dist/core/embeds.d.ts +56 -0
  156. package/dist/core/embeds.js +103 -0
  157. package/dist/core/embeds.js.map +1 -0
  158. package/dist/core/entity-body-templates.d.ts +21 -0
  159. package/dist/core/entity-body-templates.js +53 -0
  160. package/dist/core/entity-body-templates.js.map +1 -0
  161. package/dist/core/entity-types-catalog.d.ts +65 -0
  162. package/dist/core/entity-types-catalog.js +140 -0
  163. package/dist/core/entity-types-catalog.js.map +1 -0
  164. package/dist/core/folder-paths.d.ts +41 -0
  165. package/dist/core/folder-paths.js +95 -0
  166. package/dist/core/folder-paths.js.map +1 -0
  167. package/dist/core/folder-sidecar.d.ts +36 -0
  168. package/dist/core/folder-sidecar.js +91 -0
  169. package/dist/core/folder-sidecar.js.map +1 -0
  170. package/dist/core/graph.d.ts +675 -14
  171. package/dist/core/graph.js +2118 -314
  172. package/dist/core/graph.js.map +1 -1
  173. package/dist/core/history-diff.d.ts +35 -0
  174. package/dist/core/history-diff.js +114 -0
  175. package/dist/core/history-diff.js.map +1 -0
  176. package/dist/core/schema-registry.d.ts +59 -0
  177. package/dist/core/schema-registry.js +198 -0
  178. package/dist/core/schema-registry.js.map +1 -1
  179. package/dist/core/schemas/connector.d.ts +67 -0
  180. package/dist/core/schemas/connector.js +100 -0
  181. package/dist/core/schemas/connector.js.map +1 -0
  182. package/dist/core/schemas/workspace.d.ts +122 -0
  183. package/dist/core/schemas/workspace.js +211 -0
  184. package/dist/core/schemas/workspace.js.map +1 -0
  185. package/dist/core/secrets/SecretStore.d.ts +77 -0
  186. package/dist/core/secrets/SecretStore.js +13 -0
  187. package/dist/core/secrets/SecretStore.js.map +1 -0
  188. package/dist/core/secrets/SettingsResolver.d.ts +54 -0
  189. package/dist/core/secrets/SettingsResolver.js +80 -0
  190. package/dist/core/secrets/SettingsResolver.js.map +1 -0
  191. package/dist/core/secrets/SettingsStore.d.ts +30 -0
  192. package/dist/core/secrets/SettingsStore.js +9 -0
  193. package/dist/core/secrets/SettingsStore.js.map +1 -0
  194. package/dist/core/secrets/SqliteEncryptedStore.d.ts +90 -0
  195. package/dist/core/secrets/SqliteEncryptedStore.js +598 -0
  196. package/dist/core/secrets/SqliteEncryptedStore.js.map +1 -0
  197. package/dist/core/secrets/audit.d.ts +36 -0
  198. package/dist/core/secrets/audit.js +60 -0
  199. package/dist/core/secrets/audit.js.map +1 -0
  200. package/dist/core/secrets/auth-db-migration.d.ts +129 -0
  201. package/dist/core/secrets/auth-db-migration.js +653 -0
  202. package/dist/core/secrets/auth-db-migration.js.map +1 -0
  203. package/dist/core/secrets/bundle.d.ts +141 -0
  204. package/dist/core/secrets/bundle.js +435 -0
  205. package/dist/core/secrets/bundle.js.map +1 -0
  206. package/dist/core/secrets/dual-write.d.ts +81 -0
  207. package/dist/core/secrets/dual-write.js +247 -0
  208. package/dist/core/secrets/dual-write.js.map +1 -0
  209. package/dist/core/secrets/encryption.d.ts +44 -0
  210. package/dist/core/secrets/encryption.js +97 -0
  211. package/dist/core/secrets/encryption.js.map +1 -0
  212. package/dist/core/secrets/index.d.ts +49 -0
  213. package/dist/core/secrets/index.js +74 -0
  214. package/dist/core/secrets/index.js.map +1 -0
  215. package/dist/core/secrets/master-key.d.ts +38 -0
  216. package/dist/core/secrets/master-key.js +122 -0
  217. package/dist/core/secrets/master-key.js.map +1 -0
  218. package/dist/core/secrets/probes/anthropic.d.ts +98 -0
  219. package/dist/core/secrets/probes/anthropic.js +300 -0
  220. package/dist/core/secrets/probes/anthropic.js.map +1 -0
  221. package/dist/core/secrets/probes/brave.d.ts +9 -0
  222. package/dist/core/secrets/probes/brave.js +15 -0
  223. package/dist/core/secrets/probes/brave.js.map +1 -0
  224. package/dist/core/secrets/probes/r2.d.ts +15 -0
  225. package/dist/core/secrets/probes/r2.js +14 -0
  226. package/dist/core/secrets/probes/r2.js.map +1 -0
  227. package/dist/core/secrets/probes/voyage.d.ts +13 -0
  228. package/dist/core/secrets/probes/voyage.js +52 -0
  229. package/dist/core/secrets/probes/voyage.js.map +1 -0
  230. package/dist/core/secrets/r2-structural-migration.d.ts +39 -0
  231. package/dist/core/secrets/r2-structural-migration.js +109 -0
  232. package/dist/core/secrets/r2-structural-migration.js.map +1 -0
  233. package/dist/core/secrets/read-flip.d.ts +59 -0
  234. package/dist/core/secrets/read-flip.js +87 -0
  235. package/dist/core/secrets/read-flip.js.map +1 -0
  236. package/dist/core/secrets/registry.d.ts +188 -0
  237. package/dist/core/secrets/registry.js +598 -0
  238. package/dist/core/secrets/registry.js.map +1 -0
  239. package/dist/core/types.d.ts +77 -455
  240. package/dist/core/types.js +17 -3
  241. package/dist/core/types.js.map +1 -1
  242. package/dist/core/user-config.d.ts +75 -7
  243. package/dist/core/user-config.js +155 -7
  244. package/dist/core/user-config.js.map +1 -1
  245. package/dist/core/validation.d.ts +717 -1791
  246. package/dist/core/validation.js +357 -228
  247. package/dist/core/validation.js.map +1 -1
  248. package/dist/core/workspace-manager.d.ts +79 -12
  249. package/dist/core/workspace-manager.js +213 -73
  250. package/dist/core/workspace-manager.js.map +1 -1
  251. package/dist/core/workspace.d.ts +19 -5
  252. package/dist/core/workspace.js +69 -35
  253. package/dist/core/workspace.js.map +1 -1
  254. package/dist/mcp/comment-virtual-entity.d.ts +36 -0
  255. package/dist/mcp/comment-virtual-entity.js +71 -0
  256. package/dist/mcp/comment-virtual-entity.js.map +1 -0
  257. package/dist/mcp/connector-manager.d.ts +94 -13
  258. package/dist/mcp/connector-manager.js +283 -62
  259. package/dist/mcp/connector-manager.js.map +1 -1
  260. package/dist/mcp/oauth-provider.d.ts +27 -33
  261. package/dist/mcp/oauth-provider.js +65 -134
  262. package/dist/mcp/oauth-provider.js.map +1 -1
  263. package/dist/mcp/oauth-registry.d.ts +62 -0
  264. package/dist/mcp/oauth-registry.js +85 -0
  265. package/dist/mcp/oauth-registry.js.map +1 -0
  266. package/dist/mcp/server.d.ts +11 -3
  267. package/dist/mcp/server.js +30 -5
  268. package/dist/mcp/server.js.map +1 -1
  269. package/dist/mcp/state-signer.d.ts +41 -0
  270. package/dist/mcp/state-signer.js +120 -0
  271. package/dist/mcp/state-signer.js.map +1 -0
  272. package/dist/mcp/tools.d.ts +35 -2
  273. package/dist/mcp/tools.js +1051 -117
  274. package/dist/mcp/tools.js.map +1 -1
  275. package/dist/server/__tests__/helpers/graph-api.d.ts +18 -0
  276. package/dist/server/__tests__/helpers/graph-api.js +16 -0
  277. package/dist/server/__tests__/helpers/graph-api.js.map +1 -0
  278. package/dist/server/body-write-coordinator.d.ts +151 -0
  279. package/dist/server/body-write-coordinator.js +161 -0
  280. package/dist/server/body-write-coordinator.js.map +1 -0
  281. package/dist/server/cloud-billing-flow.d.ts +32 -0
  282. package/dist/server/cloud-billing-flow.js +75 -0
  283. package/dist/server/cloud-billing-flow.js.map +1 -0
  284. package/dist/server/commit-audit.d.ts +26 -0
  285. package/dist/server/commit-audit.js +30 -0
  286. package/dist/server/commit-audit.js.map +1 -0
  287. package/dist/server/index.d.ts +14 -3
  288. package/dist/server/index.js +451 -193
  289. package/dist/server/index.js.map +1 -1
  290. package/dist/server/middleware/sanitize.d.ts +46 -0
  291. package/dist/server/middleware/sanitize.js +171 -0
  292. package/dist/server/middleware/sanitize.js.map +1 -0
  293. package/dist/server/routes/asset-api.d.ts +10 -0
  294. package/dist/server/routes/asset-api.js +294 -0
  295. package/dist/server/routes/asset-api.js.map +1 -0
  296. package/dist/server/routes/audit-api.d.ts +24 -0
  297. package/dist/server/routes/audit-api.js +117 -0
  298. package/dist/server/routes/audit-api.js.map +1 -0
  299. package/dist/server/routes/auth-api.d.ts +3 -2
  300. package/dist/server/routes/auth-api.js +519 -38
  301. package/dist/server/routes/auth-api.js.map +1 -1
  302. package/dist/server/routes/capture-api.d.ts +18 -0
  303. package/dist/server/routes/capture-api.js +257 -0
  304. package/dist/server/routes/capture-api.js.map +1 -0
  305. package/dist/server/routes/chat.d.ts +4 -1
  306. package/dist/server/routes/chat.js +298 -88
  307. package/dist/server/routes/chat.js.map +1 -1
  308. package/dist/server/routes/comments-api.d.ts +15 -0
  309. package/dist/server/routes/comments-api.js +444 -0
  310. package/dist/server/routes/comments-api.js.map +1 -0
  311. package/dist/server/routes/config-api.d.ts +21 -0
  312. package/dist/server/routes/config-api.js +256 -0
  313. package/dist/server/routes/config-api.js.map +1 -0
  314. package/dist/server/routes/connectors-api.d.ts +17 -0
  315. package/dist/server/routes/connectors-api.js +410 -0
  316. package/dist/server/routes/connectors-api.js.map +1 -0
  317. package/dist/server/routes/event-ingest-api.d.ts +15 -0
  318. package/dist/server/routes/event-ingest-api.js +125 -0
  319. package/dist/server/routes/event-ingest-api.js.map +1 -0
  320. package/dist/server/routes/git-http.d.ts +3 -3
  321. package/dist/server/routes/git-http.js +86 -38
  322. package/dist/server/routes/git-http.js.map +1 -1
  323. package/dist/server/routes/graph-api-access.d.ts +35 -0
  324. package/dist/server/routes/graph-api-access.js +105 -0
  325. package/dist/server/routes/graph-api-access.js.map +1 -0
  326. package/dist/server/routes/graph-api.d.ts +3 -2
  327. package/dist/server/routes/graph-api.js +1321 -263
  328. package/dist/server/routes/graph-api.js.map +1 -1
  329. package/dist/server/routes/health.d.ts +18 -0
  330. package/dist/server/routes/health.js +74 -0
  331. package/dist/server/routes/health.js.map +1 -0
  332. package/dist/server/routes/insights-api.d.ts +1 -2
  333. package/dist/server/routes/insights-api.js +149 -41
  334. package/dist/server/routes/insights-api.js.map +1 -1
  335. package/dist/server/routes/mcp.d.ts +7 -3
  336. package/dist/server/routes/mcp.js +22 -6
  337. package/dist/server/routes/mcp.js.map +1 -1
  338. package/dist/server/routes/permissions-api.d.ts +9 -2
  339. package/dist/server/routes/permissions-api.js +87 -30
  340. package/dist/server/routes/permissions-api.js.map +1 -1
  341. package/dist/server/routes/r2-api.d.ts +25 -0
  342. package/dist/server/routes/r2-api.js +276 -0
  343. package/dist/server/routes/r2-api.js.map +1 -0
  344. package/dist/server/routes/secrets-api.d.ts +36 -0
  345. package/dist/server/routes/secrets-api.js +308 -0
  346. package/dist/server/routes/secrets-api.js.map +1 -0
  347. package/dist/server/routes/settings-api.d.ts +29 -0
  348. package/dist/server/routes/settings-api.js +180 -0
  349. package/dist/server/routes/settings-api.js.map +1 -0
  350. package/dist/server/routes/url-api.d.ts +7 -0
  351. package/dist/server/routes/url-api.js +74 -0
  352. package/dist/server/routes/url-api.js.map +1 -0
  353. package/dist/server/routes/views-api.js +81 -7
  354. package/dist/server/routes/views-api.js.map +1 -1
  355. package/dist/server/routes/workspace-api.d.ts +2 -1
  356. package/dist/server/routes/workspace-api.js +124 -35
  357. package/dist/server/routes/workspace-api.js.map +1 -1
  358. package/dist/server/routes/ws.d.ts +2 -1
  359. package/dist/server/routes/ws.js +64 -16
  360. package/dist/server/routes/ws.js.map +1 -1
  361. package/dist/server/session-manager.d.ts +48 -5
  362. package/dist/server/session-manager.js +182 -15
  363. package/dist/server/session-manager.js.map +1 -1
  364. package/dist/server/ws-hub.d.ts +138 -14
  365. package/dist/server/ws-hub.js +0 -0
  366. package/dist/server/ws-hub.js.map +1 -1
  367. package/dist/server/yjs-manager.d.ts +285 -7
  368. package/dist/server/yjs-manager.js +907 -36
  369. package/dist/server/yjs-manager.js.map +1 -1
  370. package/dist/server/yjs-persistence.d.ts +165 -0
  371. package/dist/server/yjs-persistence.js +557 -0
  372. package/dist/server/yjs-persistence.js.map +1 -0
  373. package/dist/server/yjs-text-diff.d.ts +32 -0
  374. package/dist/server/yjs-text-diff.js +61 -0
  375. package/dist/server/yjs-text-diff.js.map +1 -0
  376. package/dist/services/access-control.d.ts +73 -0
  377. package/dist/services/access-control.js +146 -0
  378. package/dist/services/access-control.js.map +1 -0
  379. package/dist/services/asset-listing.d.ts +39 -0
  380. package/dist/services/asset-listing.js +125 -0
  381. package/dist/services/asset-listing.js.map +1 -0
  382. package/dist/services/asset-upload-service.d.ts +53 -0
  383. package/dist/services/asset-upload-service.js +201 -0
  384. package/dist/services/asset-upload-service.js.map +1 -0
  385. package/dist/services/assets/asset-index-service.d.ts +82 -0
  386. package/dist/services/assets/asset-index-service.js +167 -0
  387. package/dist/services/assets/asset-index-service.js.map +1 -0
  388. package/dist/services/assets/base.d.ts +44 -0
  389. package/dist/services/assets/base.js +55 -0
  390. package/dist/services/assets/base.js.map +1 -1
  391. package/dist/services/assets/index.d.ts +69 -1
  392. package/dist/services/assets/index.js +125 -0
  393. package/dist/services/assets/index.js.map +1 -1
  394. package/dist/services/assets/local.d.ts +12 -1
  395. package/dist/services/assets/local.js +100 -1
  396. package/dist/services/assets/local.js.map +1 -1
  397. package/dist/services/assets/r2-sync.d.ts +88 -0
  398. package/dist/services/assets/r2-sync.js +412 -0
  399. package/dist/services/assets/r2-sync.js.map +1 -0
  400. package/dist/services/assets/r2.d.ts +34 -1
  401. package/dist/services/assets/r2.js +93 -1
  402. package/dist/services/assets/r2.js.map +1 -1
  403. package/dist/services/auth-service.d.ts +314 -36
  404. package/dist/services/auth-service.js +1126 -139
  405. package/dist/services/auth-service.js.map +1 -1
  406. package/dist/services/bookmark-import-service.d.ts +49 -0
  407. package/dist/services/bookmark-import-service.js +250 -0
  408. package/dist/services/bookmark-import-service.js.map +1 -0
  409. package/dist/services/cloud-inference-billing.d.ts +64 -0
  410. package/dist/services/cloud-inference-billing.js +313 -0
  411. package/dist/services/cloud-inference-billing.js.map +1 -0
  412. package/dist/services/comment-service.d.ts +97 -0
  413. package/dist/services/comment-service.js +341 -0
  414. package/dist/services/comment-service.js.map +1 -0
  415. package/dist/services/csv-service.d.ts +22 -17
  416. package/dist/services/csv-service.js +55 -92
  417. package/dist/services/csv-service.js.map +1 -1
  418. package/dist/services/entity-mutations.d.ts +161 -0
  419. package/dist/services/entity-mutations.js +296 -0
  420. package/dist/services/entity-mutations.js.map +1 -0
  421. package/dist/services/event-processor.d.ts +104 -0
  422. package/dist/services/event-processor.js +441 -0
  423. package/dist/services/event-processor.js.map +1 -0
  424. package/dist/services/folder-creation.d.ts +33 -0
  425. package/dist/services/folder-creation.js +103 -0
  426. package/dist/services/folder-creation.js.map +1 -0
  427. package/dist/services/git.d.ts +54 -0
  428. package/dist/services/git.js +188 -54
  429. package/dist/services/git.js.map +1 -1
  430. package/dist/services/graph-maintenance.d.ts +42 -0
  431. package/dist/services/graph-maintenance.js +143 -0
  432. package/dist/services/graph-maintenance.js.map +1 -0
  433. package/dist/services/import-service.d.ts +45 -2
  434. package/dist/services/import-service.js +304 -100
  435. package/dist/services/import-service.js.map +1 -1
  436. package/dist/services/lint-service.js +9 -16
  437. package/dist/services/lint-service.js.map +1 -1
  438. package/dist/services/markdown.d.ts +12 -1
  439. package/dist/services/markdown.js +71 -6
  440. package/dist/services/markdown.js.map +1 -1
  441. package/dist/services/memory-service.d.ts +22 -14
  442. package/dist/services/memory-service.js +53 -35
  443. package/dist/services/memory-service.js.map +1 -1
  444. package/dist/services/mention-detector.d.ts +23 -0
  445. package/dist/services/mention-detector.js +47 -0
  446. package/dist/services/mention-detector.js.map +1 -0
  447. package/dist/services/notification-broadcast.d.ts +32 -0
  448. package/dist/services/notification-broadcast.js +38 -0
  449. package/dist/services/notification-broadcast.js.map +1 -0
  450. package/dist/services/notification-service.d.ts +41 -0
  451. package/dist/services/notification-service.js +100 -0
  452. package/dist/services/notification-service.js.map +1 -0
  453. package/dist/services/personal-folder.d.ts +40 -0
  454. package/dist/services/personal-folder.js +101 -0
  455. package/dist/services/personal-folder.js.map +1 -0
  456. package/dist/services/user-person-bridge.d.ts +118 -0
  457. package/dist/services/user-person-bridge.js +306 -0
  458. package/dist/services/user-person-bridge.js.map +1 -0
  459. package/dist/services/vector-service.d.ts +146 -6
  460. package/dist/services/vector-service.js +276 -13
  461. package/dist/services/vector-service.js.map +1 -1
  462. package/dist/services/workspace-access.d.ts +106 -0
  463. package/dist/services/workspace-access.js +149 -0
  464. package/dist/services/workspace-access.js.map +1 -0
  465. package/dist/utils/git.d.ts +17 -2
  466. package/dist/utils/git.js +23 -7
  467. package/dist/utils/git.js.map +1 -1
  468. package/dist/utils/log.d.ts +42 -0
  469. package/dist/utils/log.js +137 -0
  470. package/dist/utils/log.js.map +1 -0
  471. package/dist/utils/preflight.js +2 -2
  472. package/dist/utils/preflight.js.map +1 -1
  473. package/dist/utils/version-checker.d.ts +12 -19
  474. package/dist/utils/version-checker.js +14 -104
  475. package/dist/utils/version-checker.js.map +1 -1
  476. package/dist/web/_app/immutable/assets/0.DOumm94J.css +2 -0
  477. package/dist/web/_app/immutable/assets/13.DlIf1mKh.css +1 -0
  478. package/dist/web/_app/immutable/assets/14.7d-Q37wc.css +1 -0
  479. package/dist/web/_app/immutable/assets/15.CmLrbzZp.css +1 -0
  480. package/dist/web/_app/immutable/assets/2.BftNiAA4.css +1 -0
  481. package/dist/web/_app/immutable/assets/3.CV0abekd.css +1 -0
  482. package/dist/web/_app/immutable/assets/4.BgXzUTTk.css +1 -0
  483. package/dist/web/_app/immutable/assets/9.gsF-Ne6_.css +1 -0
  484. package/dist/web/_app/immutable/assets/AgentOverlay.CpvH9rhf.css +1 -0
  485. package/dist/web/_app/immutable/assets/AssetManagerModal.BKJfPAPk.css +1 -0
  486. package/dist/web/_app/immutable/assets/CalendarView.bNewSxkH.css +1 -0
  487. package/dist/web/_app/immutable/assets/ChevronDown.Bz0FjM7b.css +1 -0
  488. package/dist/web/_app/immutable/assets/FolderMembersPanel.DX1oBeF_.css +1 -0
  489. package/dist/web/_app/immutable/assets/FolderMutationDialogs.BMRF6Z3z.css +1 -0
  490. package/dist/web/_app/immutable/assets/FolderPicker.B5KdvRYl.css +1 -0
  491. package/dist/web/_app/immutable/assets/GalleryView.DgvSjS0I.css +1 -0
  492. package/dist/web/_app/immutable/assets/GraphView.BJtGL9py.css +1 -0
  493. package/dist/web/_app/immutable/assets/KanbanView.D0QbZFd6.css +1 -0
  494. package/dist/web/_app/immutable/assets/SettingsDialog.DYWYMFSO.css +1 -0
  495. package/dist/web/_app/immutable/assets/Spinner.UBfl0pab.css +1 -0
  496. package/dist/web/_app/immutable/assets/StopFilledAlt.CkPrHdPD.css +1 -0
  497. package/dist/web/_app/immutable/assets/TimelineView.DA-H6dvv.css +1 -0
  498. package/dist/web/_app/immutable/assets/WorkspaceView.BS1ildu7.css +1 -0
  499. package/dist/web/_app/immutable/assets/button.BlLm4Dg1.css +1 -0
  500. package/dist/web/_app/immutable/assets/formatting.vV0ne105.css +1 -0
  501. package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-400-normal.CvHOgSBP.woff +0 -0
  502. package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-400-normal.DMJ8VG8y.woff2 +0 -0
  503. package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-500-normal.CB9ihrfo.woff +0 -0
  504. package/dist/web/_app/immutable/assets/ibm-plex-mono-latin-500-normal.DSY6xOcd.woff2 +0 -0
  505. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-italic.CZTNEAuW.woff2 +0 -0
  506. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-italic.CsGl1sm0.woff +0 -0
  507. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-normal.CDDApCn2.woff2 +0 -0
  508. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-400-normal.CYLoc0-x.woff +0 -0
  509. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-italic.BNK2_mGO.woff2 +0 -0
  510. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-italic.DpEwFAQM.woff +0 -0
  511. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-normal.6ng42L7E.woff2 +0 -0
  512. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-500-normal.BgVn5rGT.woff +0 -0
  513. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-600-normal.Cu4Hd6ag.woff +0 -0
  514. package/dist/web/_app/immutable/assets/ibm-plex-sans-latin-600-normal.CuJfVYMP.woff2 +0 -0
  515. package/dist/web/_app/immutable/assets/inline-list.cqga56xT.css +1 -0
  516. package/dist/web/_app/immutable/assets/list-columns.BrRrAiZ7.css +1 -0
  517. package/dist/web/_app/immutable/assets/realtime.DDCWxn3B.css +1 -0
  518. package/dist/web/_app/immutable/assets/sheet.DJPuqnTg.css +1 -0
  519. package/dist/web/_app/immutable/assets/speech-dictation.C5CYFhS1.css +1 -0
  520. package/dist/web/_app/immutable/chunks/0edH8sO82.js +1 -0
  521. package/dist/web/_app/immutable/chunks/0iDDDyaZ.js +1 -0
  522. package/dist/web/_app/immutable/chunks/7-y0CE1z.js +1 -0
  523. package/dist/web/_app/immutable/chunks/7Bu427my2.js +184 -0
  524. package/dist/web/_app/immutable/chunks/B-V5eMSw2.js +1 -0
  525. package/dist/web/_app/immutable/chunks/B-i9_YVM.js +1 -0
  526. package/dist/web/_app/immutable/chunks/B15-kvCe.js +1 -0
  527. package/dist/web/_app/immutable/chunks/B4cFqqUS.js +3 -0
  528. package/dist/web/_app/immutable/chunks/B6Lt-qaJ.js +1 -0
  529. package/dist/web/_app/immutable/chunks/B7hznOQp.js +1 -0
  530. package/dist/web/_app/immutable/chunks/B7tbGyiU2.js +1 -0
  531. package/dist/web/_app/immutable/chunks/B8-Lm86o2.js +1 -0
  532. package/dist/web/_app/immutable/chunks/BBxt8lpa.js +1 -0
  533. package/dist/web/_app/immutable/chunks/BCaRi2AF.js +1 -0
  534. package/dist/web/_app/immutable/chunks/BJReLGMs.js +1 -0
  535. package/dist/web/_app/immutable/chunks/BKzV82vD2.js +83 -0
  536. package/dist/web/_app/immutable/chunks/BLHrJvbG.js +1 -0
  537. package/dist/web/_app/immutable/chunks/BQULA6er.js +4 -0
  538. package/dist/web/_app/immutable/chunks/BQW-EDgP2.js +224 -0
  539. package/dist/web/_app/immutable/chunks/BR6jMpLB.js +1 -0
  540. package/dist/web/_app/immutable/chunks/BUBMGU8t2.js +2 -0
  541. package/dist/web/_app/immutable/chunks/BVnuLlVg.js +1 -0
  542. package/dist/web/_app/immutable/chunks/BYokDzwE.js +1 -0
  543. package/dist/web/_app/immutable/chunks/B_Avv9jQ2.js +1 -0
  544. package/dist/web/_app/immutable/chunks/Bbp76jaT2.js +1 -0
  545. package/dist/web/_app/immutable/chunks/BddNmQ8j.js +1 -0
  546. package/dist/web/_app/immutable/chunks/BiJjH5mJ.js +2 -0
  547. package/dist/web/_app/immutable/chunks/BlyFGPFV.js +22 -0
  548. package/dist/web/_app/immutable/chunks/Bt88HrRx.js +1 -0
  549. package/dist/web/_app/immutable/chunks/Bu2iU6hh.js +67 -0
  550. package/dist/web/_app/immutable/chunks/Buih1pxI.js +1 -0
  551. package/dist/web/_app/immutable/chunks/BwwLJVvR.js +1 -0
  552. package/dist/web/_app/immutable/chunks/C0RpyyYZ.js +7 -0
  553. package/dist/web/_app/immutable/chunks/C2l-EXsT2.js +1 -0
  554. package/dist/web/_app/immutable/chunks/C35TIzaB.js +1 -0
  555. package/dist/web/_app/immutable/chunks/C3OdK8z_2.js +1 -0
  556. package/dist/web/_app/immutable/chunks/C6Nx0jpM.js +1 -0
  557. package/dist/web/_app/immutable/chunks/CA7O0J_u2.js +1 -0
  558. package/dist/web/_app/immutable/chunks/CAwjrHdk.js +23 -0
  559. package/dist/web/_app/immutable/chunks/CCLR-AJL2.js +185 -0
  560. package/dist/web/_app/immutable/chunks/CD0X7XPW.js +6 -0
  561. package/dist/web/_app/immutable/chunks/CDTjuBSm2.js +1 -0
  562. package/dist/web/_app/immutable/chunks/CSUrYOis.js +1 -0
  563. package/dist/web/_app/immutable/chunks/CUPSJObs.js +1 -0
  564. package/dist/web/_app/immutable/chunks/CUoGvuxK2.js +2 -0
  565. package/dist/web/_app/immutable/chunks/CWh8aehb.js +1 -0
  566. package/dist/web/_app/immutable/chunks/CY4XVBP0.js +1 -0
  567. package/dist/web/_app/immutable/chunks/CYTTTma0.js +3 -0
  568. package/dist/web/_app/immutable/chunks/CaoriuNq.js +1 -0
  569. package/dist/web/_app/immutable/chunks/CcsSt9AW2.js +1 -0
  570. package/dist/web/_app/immutable/chunks/Cd4VfAZC.js +2 -0
  571. package/dist/web/_app/immutable/chunks/CePZ1985.js +1 -0
  572. package/dist/web/_app/immutable/chunks/Cei8CKT4.js +1 -0
  573. package/dist/web/_app/immutable/chunks/CheXrbDk.js +1 -0
  574. package/dist/web/_app/immutable/chunks/CkLfUXwy.js +1 -0
  575. package/dist/web/_app/immutable/chunks/Cl-W0JYt.js +2 -0
  576. package/dist/web/_app/immutable/chunks/Cna7tYp-.js +1 -0
  577. package/dist/web/_app/immutable/chunks/Czwe4sGU2.js +3 -0
  578. package/dist/web/_app/immutable/chunks/D41CbXmM.js +1 -0
  579. package/dist/web/_app/immutable/chunks/D83_Ss42.js +1 -0
  580. package/dist/web/_app/immutable/chunks/D9NgbGbO2.js +9 -0
  581. package/dist/web/_app/immutable/chunks/DA-BuZei.js +2 -0
  582. package/dist/web/_app/immutable/chunks/DAXW5iLp.js +1 -0
  583. package/dist/web/_app/immutable/chunks/DCNJWlho2.js +1 -0
  584. package/dist/web/_app/immutable/chunks/DCtgLRl52.js +1 -0
  585. package/dist/web/_app/immutable/chunks/DH0epITQ2.js +1 -0
  586. package/dist/web/_app/immutable/chunks/DIb5rAPU2.js +1 -0
  587. package/dist/web/_app/immutable/chunks/DOmH4G9o2.js +14 -0
  588. package/dist/web/_app/immutable/chunks/DQMWa2t7.js +1 -0
  589. package/dist/web/_app/immutable/chunks/DQ_Xokap2.js +1 -0
  590. package/dist/web/_app/immutable/chunks/DR1K6PIm.js +1 -0
  591. package/dist/web/_app/immutable/chunks/DTCHhxD5.js +1 -0
  592. package/dist/web/_app/immutable/chunks/DU7XA-cL2.js +1 -0
  593. package/dist/web/_app/immutable/chunks/DVcy5Pp82.js +1 -0
  594. package/dist/web/_app/immutable/chunks/DWygwzcO2.js +1 -0
  595. package/dist/web/_app/immutable/chunks/DYXDRmoo2.js +1 -0
  596. package/dist/web/_app/immutable/chunks/DZEmjBTb.js +5 -0
  597. package/dist/web/_app/immutable/chunks/DaoOQFPb.js +1 -0
  598. package/dist/web/_app/immutable/chunks/DdfvtDOY.js +1 -0
  599. package/dist/web/_app/immutable/chunks/DevZTY1l.js +1 -0
  600. package/dist/web/_app/immutable/chunks/DiMQob8p.js +1 -0
  601. package/dist/web/_app/immutable/chunks/DiQJ9DLy.js +1 -0
  602. package/dist/web/_app/immutable/chunks/Dj5oP_ik.js +2 -0
  603. package/dist/web/_app/immutable/chunks/DjTJ4D_0.js +3 -0
  604. package/dist/web/_app/immutable/chunks/Dk4TeNwu.js +1 -0
  605. package/dist/web/_app/immutable/chunks/Dng3OcRd2.js +1 -0
  606. package/dist/web/_app/immutable/chunks/Do1OCNEG.js +1 -0
  607. package/dist/web/_app/immutable/chunks/Do6qOOng.js +1 -0
  608. package/dist/web/_app/immutable/chunks/DoQwt-f9.js +1 -0
  609. package/dist/web/_app/immutable/chunks/Dqg3k9HI2.js +1 -0
  610. package/dist/web/_app/immutable/chunks/DsnqOT222.js +1 -0
  611. package/dist/web/_app/immutable/chunks/DvJSCDuZ2.js +1 -0
  612. package/dist/web/_app/immutable/chunks/DvPuaTCl.js +5 -0
  613. package/dist/web/_app/immutable/chunks/DvYQu1SV.js +1 -0
  614. package/dist/web/_app/immutable/chunks/HdjeJPly2.js +1 -0
  615. package/dist/web/_app/immutable/chunks/JDw4tOUY.js +1 -0
  616. package/dist/web/_app/immutable/chunks/KBbDg4lS2.js +1 -0
  617. package/dist/web/_app/immutable/chunks/KQXQLJf32.js +1 -0
  618. package/dist/web/_app/immutable/chunks/LGnNalpn2.js +2 -0
  619. package/dist/web/_app/immutable/chunks/SH5Fg0Xu.js +1 -0
  620. package/dist/web/_app/immutable/chunks/Shyla9c12.js +2 -0
  621. package/dist/web/_app/immutable/chunks/VQbAelHN.js +1 -0
  622. package/dist/web/_app/immutable/chunks/apNT0aug2.js +1 -0
  623. package/dist/web/_app/immutable/chunks/e0ySQvQ6.js +1 -0
  624. package/dist/web/_app/immutable/chunks/eNB_sIHC2.js +1 -0
  625. package/dist/web/_app/immutable/chunks/g09ZrevW2.js +1 -0
  626. package/dist/web/_app/immutable/chunks/h4WWBpcD2.js +2692 -0
  627. package/dist/web/_app/immutable/chunks/kLub81jO.js +1 -0
  628. package/dist/web/_app/immutable/chunks/kW0z_eo62.js +1 -0
  629. package/dist/web/_app/immutable/chunks/oBQOivfH.js +1 -0
  630. package/dist/web/_app/immutable/chunks/ss8hcwTT.js +1 -0
  631. package/dist/web/_app/immutable/chunks/sub7ikQV.js +2 -0
  632. package/dist/web/_app/immutable/chunks/uuFM-ygL.js +1 -0
  633. package/dist/web/_app/immutable/chunks/v7me-ydg.js +2 -0
  634. package/dist/web/_app/immutable/chunks/xihTtKlq.js +1 -0
  635. package/dist/web/_app/immutable/chunks/yWi6xIp8.js +1 -0
  636. package/dist/web/_app/immutable/chunks/zl16E4yc2.js +1 -0
  637. package/dist/web/_app/immutable/entry/app.Bgniax9U.js +2 -0
  638. package/dist/web/_app/immutable/entry/start.DeD3x0AC.js +1 -0
  639. package/dist/web/_app/immutable/nodes/0.D7f7eDDY.js +2 -0
  640. package/dist/web/_app/immutable/nodes/1.nDAGsQWA.js +1 -0
  641. package/dist/web/_app/immutable/nodes/10.DFbhcPKT.js +1 -0
  642. package/dist/web/_app/immutable/nodes/11.CDErrkBt.js +1 -0
  643. package/dist/web/_app/immutable/nodes/12.QmphOXE2.js +1 -0
  644. package/dist/web/_app/immutable/nodes/13.Bq5rDhPs.js +1 -0
  645. package/dist/web/_app/immutable/nodes/14.BlcHqgr6.js +1 -0
  646. package/dist/web/_app/immutable/nodes/15.COK_-D-x.js +1 -0
  647. package/dist/web/_app/immutable/nodes/2.DOsCYNHa.js +109 -0
  648. package/dist/web/_app/immutable/nodes/3.BgE1sIyr.js +2 -0
  649. package/dist/web/_app/immutable/nodes/4.DvgaHeI4.js +11 -0
  650. package/dist/web/_app/immutable/nodes/5.CrjeBZES.js +1 -0
  651. package/dist/web/_app/immutable/nodes/6.DoHxsiEE.js +1 -0
  652. package/dist/web/_app/immutable/nodes/7.04fnxKIo.js +1 -0
  653. package/dist/web/_app/immutable/nodes/8.D35_cY6C.js +1 -0
  654. package/dist/web/_app/immutable/nodes/9.BRionwW6.js +1 -0
  655. package/dist/web/_app/version.json +1 -1
  656. package/dist/web/favicon-16.png +0 -0
  657. package/dist/web/favicon-180.png +0 -0
  658. package/dist/web/favicon-32.png +0 -0
  659. package/dist/web/favicon-48.png +0 -0
  660. package/dist/web/favicon-512.png +0 -0
  661. package/dist/web/favicon.ico +0 -0
  662. package/dist/web/favicon.svg +8 -0
  663. package/dist/web/index.html +56 -19
  664. package/dist/web/studiograph-logomark.svg +29 -0
  665. package/package.json +34 -14
  666. package/dist/agent/skills/enrich-entities.md +0 -136
  667. package/dist/agent/skills/obsidian-source-setup.md +0 -246
  668. package/dist/agent/skills/skill-loader.d.ts +0 -48
  669. package/dist/agent/skills/skill-loader.js +0 -166
  670. package/dist/agent/skills/skill-loader.js.map +0 -1
  671. package/dist/agent/skills/sync-configuration.md +0 -119
  672. package/dist/agent/skills/sync-setup.md +0 -82
  673. package/dist/agent/tools/sync-tools.d.ts +0 -35
  674. package/dist/agent/tools/sync-tools.js +0 -992
  675. package/dist/agent/tools/sync-tools.js.map +0 -1
  676. package/dist/auth/github.d.ts +0 -56
  677. package/dist/auth/github.js +0 -169
  678. package/dist/auth/github.js.map +0 -1
  679. package/dist/cli/commands/access.d.ts +0 -11
  680. package/dist/cli/commands/access.js +0 -156
  681. package/dist/cli/commands/access.js.map +0 -1
  682. package/dist/cli/commands/app.d.ts +0 -7
  683. package/dist/cli/commands/app.js +0 -268
  684. package/dist/cli/commands/app.js.map +0 -1
  685. package/dist/cli/commands/auth.d.ts +0 -10
  686. package/dist/cli/commands/auth.js +0 -79
  687. package/dist/cli/commands/auth.js.map +0 -1
  688. package/dist/cli/commands/clear.d.ts +0 -5
  689. package/dist/cli/commands/clear.js +0 -36
  690. package/dist/cli/commands/clear.js.map +0 -1
  691. package/dist/cli/commands/collection.d.ts +0 -10
  692. package/dist/cli/commands/collection.js +0 -187
  693. package/dist/cli/commands/collection.js.map +0 -1
  694. package/dist/cli/commands/enrich.d.ts +0 -11
  695. package/dist/cli/commands/enrich.js +0 -135
  696. package/dist/cli/commands/enrich.js.map +0 -1
  697. package/dist/cli/commands/graphrag.d.ts +0 -12
  698. package/dist/cli/commands/graphrag.js +0 -122
  699. package/dist/cli/commands/graphrag.js.map +0 -1
  700. package/dist/cli/commands/join.d.ts +0 -9
  701. package/dist/cli/commands/join.js +0 -255
  702. package/dist/cli/commands/join.js.map +0 -1
  703. package/dist/cli/commands/members.d.ts +0 -11
  704. package/dist/cli/commands/members.js +0 -230
  705. package/dist/cli/commands/members.js.map +0 -1
  706. package/dist/cli/commands/org.d.ts +0 -10
  707. package/dist/cli/commands/org.js +0 -132
  708. package/dist/cli/commands/org.js.map +0 -1
  709. package/dist/cli/commands/provision.d.ts +0 -8
  710. package/dist/cli/commands/provision.js +0 -116
  711. package/dist/cli/commands/provision.js.map +0 -1
  712. package/dist/cli/commands/resolve.d.ts +0 -8
  713. package/dist/cli/commands/resolve.js +0 -85
  714. package/dist/cli/commands/resolve.js.map +0 -1
  715. package/dist/cli/commands/review.d.ts +0 -19
  716. package/dist/cli/commands/review.js +0 -128
  717. package/dist/cli/commands/review.js.map +0 -1
  718. package/dist/cli/commands/source.d.ts +0 -16
  719. package/dist/cli/commands/source.js +0 -159
  720. package/dist/cli/commands/source.js.map +0 -1
  721. package/dist/cli/commands/start.d.ts +0 -7
  722. package/dist/cli/commands/start.js +0 -589
  723. package/dist/cli/commands/start.js.map +0 -1
  724. package/dist/cli/commands/sync-collection.d.ts +0 -14
  725. package/dist/cli/commands/sync-collection.js +0 -355
  726. package/dist/cli/commands/sync-collection.js.map +0 -1
  727. package/dist/cli/commands/sync-entities.d.ts +0 -13
  728. package/dist/cli/commands/sync-entities.js +0 -242
  729. package/dist/cli/commands/sync-entities.js.map +0 -1
  730. package/dist/cli/commands/team.d.ts +0 -12
  731. package/dist/cli/commands/team.js +0 -185
  732. package/dist/cli/commands/team.js.map +0 -1
  733. package/dist/cli/commands/update.d.ts +0 -8
  734. package/dist/cli/commands/update.js +0 -155
  735. package/dist/cli/commands/update.js.map +0 -1
  736. package/dist/cli/commands/user.d.ts +0 -7
  737. package/dist/cli/commands/user.js +0 -153
  738. package/dist/cli/commands/user.js.map +0 -1
  739. package/dist/cli/scaffolding.d.ts +0 -12
  740. package/dist/cli/scaffolding.js +0 -397
  741. package/dist/cli/scaffolding.js.map +0 -1
  742. package/dist/cli/sync-review-interactive.d.ts +0 -31
  743. package/dist/cli/sync-review-interactive.js +0 -393
  744. package/dist/cli/sync-review-interactive.js.map +0 -1
  745. package/dist/core/migration-runner.d.ts +0 -42
  746. package/dist/core/migration-runner.js +0 -232
  747. package/dist/core/migration-runner.js.map +0 -1
  748. package/dist/core/migration-types.d.ts +0 -101
  749. package/dist/core/migration-types.js +0 -21
  750. package/dist/core/migration-types.js.map +0 -1
  751. package/dist/core/migrations/20260219-formalize-memory-location.d.ts +0 -2
  752. package/dist/core/migrations/20260219-formalize-memory-location.js +0 -35
  753. package/dist/core/migrations/20260219-formalize-memory-location.js.map +0 -1
  754. package/dist/core/migrations/20260220-add-workspace-metadata.d.ts +0 -12
  755. package/dist/core/migrations/20260220-add-workspace-metadata.js +0 -65
  756. package/dist/core/migrations/20260220-add-workspace-metadata.js.map +0 -1
  757. package/dist/core/migrations/20260220-add-workspace-readme.d.ts +0 -11
  758. package/dist/core/migrations/20260220-add-workspace-readme.js +0 -82
  759. package/dist/core/migrations/20260220-add-workspace-readme.js.map +0 -1
  760. package/dist/core/migrations/20260220-migrate-yaml-to-json.d.ts +0 -9
  761. package/dist/core/migrations/20260220-migrate-yaml-to-json.js +0 -64
  762. package/dist/core/migrations/20260220-migrate-yaml-to-json.js.map +0 -1
  763. package/dist/core/migrations/index.d.ts +0 -11
  764. package/dist/core/migrations/index.js +0 -23
  765. package/dist/core/migrations/index.js.map +0 -1
  766. package/dist/integrations/asana.d.ts +0 -26
  767. package/dist/integrations/asana.js +0 -78
  768. package/dist/integrations/asana.js.map +0 -1
  769. package/dist/integrations/figma-local.d.ts +0 -16
  770. package/dist/integrations/figma-local.js +0 -10
  771. package/dist/integrations/figma-local.js.map +0 -1
  772. package/dist/integrations/figma.d.ts +0 -17
  773. package/dist/integrations/figma.js +0 -17
  774. package/dist/integrations/figma.js.map +0 -1
  775. package/dist/integrations/granola.d.ts +0 -24
  776. package/dist/integrations/granola.js +0 -60
  777. package/dist/integrations/granola.js.map +0 -1
  778. package/dist/integrations/linear.d.ts +0 -14
  779. package/dist/integrations/linear.js +0 -80
  780. package/dist/integrations/linear.js.map +0 -1
  781. package/dist/integrations/paper-local.d.ts +0 -14
  782. package/dist/integrations/paper-local.js +0 -10
  783. package/dist/integrations/paper-local.js.map +0 -1
  784. package/dist/integrations/paper.d.ts +0 -2
  785. package/dist/integrations/paper.js +0 -10
  786. package/dist/integrations/paper.js.map +0 -1
  787. package/dist/integrations/pipedrive.d.ts +0 -26
  788. package/dist/integrations/pipedrive.js +0 -97
  789. package/dist/integrations/pipedrive.js.map +0 -1
  790. package/dist/integrations/registry.d.ts +0 -15
  791. package/dist/integrations/registry.js +0 -27
  792. package/dist/integrations/registry.js.map +0 -1
  793. package/dist/integrations/types.d.ts +0 -38
  794. package/dist/integrations/types.js +0 -9
  795. package/dist/integrations/types.js.map +0 -1
  796. package/dist/lib/lib/utils.d.ts +0 -2
  797. package/dist/lib/lib/utils.js +0 -6
  798. package/dist/lib/lib/utils.js.map +0 -1
  799. package/dist/mcp/connectors/asana.d.ts +0 -2
  800. package/dist/mcp/connectors/asana.js +0 -20
  801. package/dist/mcp/connectors/asana.js.map +0 -1
  802. package/dist/mcp/connectors/definitions.d.ts +0 -45
  803. package/dist/mcp/connectors/definitions.js +0 -32
  804. package/dist/mcp/connectors/definitions.js.map +0 -1
  805. package/dist/mcp/connectors/figma.d.ts +0 -5
  806. package/dist/mcp/connectors/figma.js +0 -21
  807. package/dist/mcp/connectors/figma.js.map +0 -1
  808. package/dist/mcp/connectors/gdrive.d.ts +0 -2
  809. package/dist/mcp/connectors/gdrive.js +0 -20
  810. package/dist/mcp/connectors/gdrive.js.map +0 -1
  811. package/dist/mcp/connectors/granola.d.ts +0 -2
  812. package/dist/mcp/connectors/granola.js +0 -12
  813. package/dist/mcp/connectors/granola.js.map +0 -1
  814. package/dist/mcp/connectors/linear.d.ts +0 -2
  815. package/dist/mcp/connectors/linear.js +0 -19
  816. package/dist/mcp/connectors/linear.js.map +0 -1
  817. package/dist/mcp/connectors/obsidian.d.ts +0 -2
  818. package/dist/mcp/connectors/obsidian.js +0 -19
  819. package/dist/mcp/connectors/obsidian.js.map +0 -1
  820. package/dist/mcp/connectors/pipedrive.d.ts +0 -2
  821. package/dist/mcp/connectors/pipedrive.js +0 -20
  822. package/dist/mcp/connectors/pipedrive.js.map +0 -1
  823. package/dist/mcp/connectors/slack.d.ts +0 -2
  824. package/dist/mcp/connectors/slack.js +0 -21
  825. package/dist/mcp/connectors/slack.js.map +0 -1
  826. package/dist/mcp/server-oauth-provider.d.ts +0 -56
  827. package/dist/mcp/server-oauth-provider.js +0 -142
  828. package/dist/mcp/server-oauth-provider.js.map +0 -1
  829. package/dist/server/chrome/chrome.css +0 -691
  830. package/dist/server/chrome/chrome.js +0 -374
  831. package/dist/server/collab-authority.d.ts +0 -70
  832. package/dist/server/collab-authority.js +0 -218
  833. package/dist/server/collab-authority.js.map +0 -1
  834. package/dist/server/collab.d.ts +0 -29
  835. package/dist/server/collab.js +0 -195
  836. package/dist/server/collab.js.map +0 -1
  837. package/dist/server/commit-scheduler.d.ts +0 -39
  838. package/dist/server/commit-scheduler.js +0 -113
  839. package/dist/server/commit-scheduler.js.map +0 -1
  840. package/dist/server/plugin-loader.d.ts +0 -53
  841. package/dist/server/plugin-loader.js +0 -155
  842. package/dist/server/plugin-loader.js.map +0 -1
  843. package/dist/server/routes/collab.d.ts +0 -6
  844. package/dist/server/routes/collab.js +0 -10
  845. package/dist/server/routes/collab.js.map +0 -1
  846. package/dist/server/routes/git-api.d.ts +0 -9
  847. package/dist/server/routes/git-api.js +0 -82
  848. package/dist/server/routes/git-api.js.map +0 -1
  849. package/dist/server/routes/meeting-ingest-api.d.ts +0 -15
  850. package/dist/server/routes/meeting-ingest-api.js +0 -323
  851. package/dist/server/routes/meeting-ingest-api.js.map +0 -1
  852. package/dist/server/routes/sync-api.d.ts +0 -26
  853. package/dist/server/routes/sync-api.js +0 -814
  854. package/dist/server/routes/sync-api.js.map +0 -1
  855. package/dist/server/routes/webhook.d.ts +0 -14
  856. package/dist/server/routes/webhook.js +0 -102
  857. package/dist/server/routes/webhook.js.map +0 -1
  858. package/dist/services/github-provisioner.d.ts +0 -36
  859. package/dist/services/github-provisioner.js +0 -126
  860. package/dist/services/github-provisioner.js.map +0 -1
  861. package/dist/services/github-service.d.ts +0 -99
  862. package/dist/services/github-service.js +0 -310
  863. package/dist/services/github-service.js.map +0 -1
  864. package/dist/services/insights.d.ts +0 -38
  865. package/dist/services/insights.js +0 -246
  866. package/dist/services/insights.js.map +0 -1
  867. package/dist/services/sync/collection-sync.d.ts +0 -60
  868. package/dist/services/sync/collection-sync.js +0 -509
  869. package/dist/services/sync/collection-sync.js.map +0 -1
  870. package/dist/services/sync/commit.d.ts +0 -60
  871. package/dist/services/sync/commit.js +0 -354
  872. package/dist/services/sync/commit.js.map +0 -1
  873. package/dist/services/sync/context-index.d.ts +0 -69
  874. package/dist/services/sync/context-index.js +0 -280
  875. package/dist/services/sync/context-index.js.map +0 -1
  876. package/dist/services/sync/data-fetcher.d.ts +0 -31
  877. package/dist/services/sync/data-fetcher.js +0 -12
  878. package/dist/services/sync/data-fetcher.js.map +0 -1
  879. package/dist/services/sync/derive.d.ts +0 -34
  880. package/dist/services/sync/derive.js +0 -164
  881. package/dist/services/sync/derive.js.map +0 -1
  882. package/dist/services/sync/enrichment-state.d.ts +0 -31
  883. package/dist/services/sync/enrichment-state.js +0 -63
  884. package/dist/services/sync/enrichment-state.js.map +0 -1
  885. package/dist/services/sync/enrichment.d.ts +0 -25
  886. package/dist/services/sync/enrichment.js +0 -121
  887. package/dist/services/sync/enrichment.js.map +0 -1
  888. package/dist/services/sync/entity-refresh.d.ts +0 -30
  889. package/dist/services/sync/entity-refresh.js +0 -275
  890. package/dist/services/sync/entity-refresh.js.map +0 -1
  891. package/dist/services/sync/frontmatter-extractor.d.ts +0 -40
  892. package/dist/services/sync/frontmatter-extractor.js +0 -279
  893. package/dist/services/sync/frontmatter-extractor.js.map +0 -1
  894. package/dist/services/sync/graph-match-state.d.ts +0 -33
  895. package/dist/services/sync/graph-match-state.js +0 -61
  896. package/dist/services/sync/graph-match-state.js.map +0 -1
  897. package/dist/services/sync/graph-match.d.ts +0 -53
  898. package/dist/services/sync/graph-match.js +0 -316
  899. package/dist/services/sync/graph-match.js.map +0 -1
  900. package/dist/services/sync/graphrag-client.d.ts +0 -43
  901. package/dist/services/sync/graphrag-client.js +0 -94
  902. package/dist/services/sync/graphrag-client.js.map +0 -1
  903. package/dist/services/sync/graphrag-config.d.ts +0 -16
  904. package/dist/services/sync/graphrag-config.js +0 -39
  905. package/dist/services/sync/graphrag-config.js.map +0 -1
  906. package/dist/services/sync/graphrag-context.d.ts +0 -14
  907. package/dist/services/sync/graphrag-context.js +0 -109
  908. package/dist/services/sync/graphrag-context.js.map +0 -1
  909. package/dist/services/sync/graphrag-indexer.d.ts +0 -30
  910. package/dist/services/sync/graphrag-indexer.js +0 -358
  911. package/dist/services/sync/graphrag-indexer.js.map +0 -1
  912. package/dist/services/sync/llm.d.ts +0 -32
  913. package/dist/services/sync/llm.js +0 -115
  914. package/dist/services/sync/llm.js.map +0 -1
  915. package/dist/services/sync/mcp-client.d.ts +0 -71
  916. package/dist/services/sync/mcp-client.js +0 -299
  917. package/dist/services/sync/mcp-client.js.map +0 -1
  918. package/dist/services/sync/model-factory.d.ts +0 -13
  919. package/dist/services/sync/model-factory.js +0 -38
  920. package/dist/services/sync/model-factory.js.map +0 -1
  921. package/dist/services/sync/name-quality.d.ts +0 -31
  922. package/dist/services/sync/name-quality.js +0 -60
  923. package/dist/services/sync/name-quality.js.map +0 -1
  924. package/dist/services/sync/output-schemas.d.ts +0 -92
  925. package/dist/services/sync/output-schemas.js +0 -43
  926. package/dist/services/sync/output-schemas.js.map +0 -1
  927. package/dist/services/sync/prompts.d.ts +0 -19
  928. package/dist/services/sync/prompts.js +0 -128
  929. package/dist/services/sync/prompts.js.map +0 -1
  930. package/dist/services/sync/reconciler.d.ts +0 -48
  931. package/dist/services/sync/reconciler.js +0 -294
  932. package/dist/services/sync/reconciler.js.map +0 -1
  933. package/dist/services/sync/rest-client.d.ts +0 -40
  934. package/dist/services/sync/rest-client.js +0 -100
  935. package/dist/services/sync/rest-client.js.map +0 -1
  936. package/dist/services/sync/source-config.d.ts +0 -67
  937. package/dist/services/sync/source-config.js +0 -304
  938. package/dist/services/sync/source-config.js.map +0 -1
  939. package/dist/services/sync/source-definitions/asana.d.ts +0 -14
  940. package/dist/services/sync/source-definitions/asana.js +0 -42
  941. package/dist/services/sync/source-definitions/asana.js.map +0 -1
  942. package/dist/services/sync/source-definitions/definitions.d.ts +0 -8
  943. package/dist/services/sync/source-definitions/definitions.js +0 -8
  944. package/dist/services/sync/source-definitions/definitions.js.map +0 -1
  945. package/dist/services/sync/source-definitions/gdrive.d.ts +0 -16
  946. package/dist/services/sync/source-definitions/gdrive.js +0 -68
  947. package/dist/services/sync/source-definitions/gdrive.js.map +0 -1
  948. package/dist/services/sync/source-definitions/granola.d.ts +0 -2
  949. package/dist/services/sync/source-definitions/granola.js +0 -21
  950. package/dist/services/sync/source-definitions/granola.js.map +0 -1
  951. package/dist/services/sync/source-definitions/linear.d.ts +0 -2
  952. package/dist/services/sync/source-definitions/linear.js +0 -62
  953. package/dist/services/sync/source-definitions/linear.js.map +0 -1
  954. package/dist/services/sync/source-definitions/obsidian.d.ts +0 -2
  955. package/dist/services/sync/source-definitions/obsidian.js +0 -55
  956. package/dist/services/sync/source-definitions/obsidian.js.map +0 -1
  957. package/dist/services/sync/source-definitions/pipedrive.d.ts +0 -2
  958. package/dist/services/sync/source-definitions/pipedrive.js +0 -43
  959. package/dist/services/sync/source-definitions/pipedrive.js.map +0 -1
  960. package/dist/services/sync/staging.d.ts +0 -53
  961. package/dist/services/sync/staging.js +0 -130
  962. package/dist/services/sync/staging.js.map +0 -1
  963. package/dist/services/sync/structured-extractor.d.ts +0 -57
  964. package/dist/services/sync/structured-extractor.js +0 -584
  965. package/dist/services/sync/structured-extractor.js.map +0 -1
  966. package/dist/services/sync/sync-runner.d.ts +0 -32
  967. package/dist/services/sync/sync-runner.js +0 -195
  968. package/dist/services/sync/sync-runner.js.map +0 -1
  969. package/dist/services/sync/sync-state.d.ts +0 -43
  970. package/dist/services/sync/sync-state.js +0 -154
  971. package/dist/services/sync/sync-state.js.map +0 -1
  972. package/dist/services/sync/types.d.ts +0 -381
  973. package/dist/services/sync/types.js +0 -8
  974. package/dist/services/sync/types.js.map +0 -1
  975. package/dist/services/sync/unstructured-extractor.d.ts +0 -27
  976. package/dist/services/sync/unstructured-extractor.js +0 -185
  977. package/dist/services/sync/unstructured-extractor.js.map +0 -1
  978. package/dist/utils/merge-resolver.d.ts +0 -59
  979. package/dist/utils/merge-resolver.js +0 -303
  980. package/dist/utils/merge-resolver.js.map +0 -1
  981. package/dist/utils/workspace-config.d.ts +0 -8
  982. package/dist/utils/workspace-config.js +0 -22
  983. package/dist/utils/workspace-config.js.map +0 -1
  984. package/dist/web/_app/immutable/assets/0.DdizXOKi.css +0 -1
  985. package/dist/web/_app/immutable/assets/10.BUrHkYry.css +0 -1
  986. package/dist/web/_app/immutable/assets/2.n7-yW_Fs.css +0 -1
  987. package/dist/web/_app/immutable/assets/3.BtaZagnv.css +0 -1
  988. package/dist/web/_app/immutable/assets/4.DT7X0x5S.css +0 -1
  989. package/dist/web/_app/immutable/assets/5.DFeGxLYf.css +0 -1
  990. package/dist/web/_app/immutable/assets/6.CquhUpOu.css +0 -1
  991. package/dist/web/_app/immutable/assets/7.CjbDRbuG.css +0 -1
  992. package/dist/web/_app/immutable/assets/8.S1QdUGNM.css +0 -1
  993. package/dist/web/_app/immutable/assets/9.CT4xL4K3.css +0 -1
  994. package/dist/web/_app/immutable/assets/Copy.FS8bdfxr.css +0 -1
  995. package/dist/web/_app/immutable/assets/Toaster.rN8r_Hzv.css +0 -1
  996. package/dist/web/_app/immutable/assets/ViewToolbar.D-QW2oKe.css +0 -1
  997. package/dist/web/_app/immutable/assets/index.D6tMDJWk.css +0 -1
  998. package/dist/web/_app/immutable/chunks/37NdyH6G.js +0 -32
  999. package/dist/web/_app/immutable/chunks/4Hhzb6pv.js +0 -1
  1000. package/dist/web/_app/immutable/chunks/72bZS3G9.js +0 -1
  1001. package/dist/web/_app/immutable/chunks/7S2LGqoP.js +0 -2
  1002. package/dist/web/_app/immutable/chunks/B-7hHz7B.js +0 -1
  1003. package/dist/web/_app/immutable/chunks/B340SUKR.js +0 -1
  1004. package/dist/web/_app/immutable/chunks/BB_5th5W.js +0 -3383
  1005. package/dist/web/_app/immutable/chunks/BDoWDZaG.js +0 -1
  1006. package/dist/web/_app/immutable/chunks/BFyl1ZHO.js +0 -1
  1007. package/dist/web/_app/immutable/chunks/BS2rFAVq.js +0 -1
  1008. package/dist/web/_app/immutable/chunks/BSsDC_p4.js +0 -1
  1009. package/dist/web/_app/immutable/chunks/BTX2Jr8_.js +0 -1
  1010. package/dist/web/_app/immutable/chunks/BWNY8zw6.js +0 -2
  1011. package/dist/web/_app/immutable/chunks/BdPUVvAi.js +0 -1
  1012. package/dist/web/_app/immutable/chunks/BmsJVLyy.js +0 -1
  1013. package/dist/web/_app/immutable/chunks/BoAosqzE.js +0 -1
  1014. package/dist/web/_app/immutable/chunks/Bs-tL5OR.js +0 -1
  1015. package/dist/web/_app/immutable/chunks/Bsacq2UX.js +0 -1
  1016. package/dist/web/_app/immutable/chunks/BuewkNdS.js +0 -4
  1017. package/dist/web/_app/immutable/chunks/ByunV8un.js +0 -1
  1018. package/dist/web/_app/immutable/chunks/C7VoTosa.js +0 -2
  1019. package/dist/web/_app/immutable/chunks/CDV5Q7RN.js +0 -1
  1020. package/dist/web/_app/immutable/chunks/CJ8__CWt.js +0 -1
  1021. package/dist/web/_app/immutable/chunks/CJUKmosC.js +0 -5
  1022. package/dist/web/_app/immutable/chunks/CSVbGg_b.js +0 -5
  1023. package/dist/web/_app/immutable/chunks/CT6oIU-C.js +0 -1
  1024. package/dist/web/_app/immutable/chunks/CTRxNfZk.js +0 -1
  1025. package/dist/web/_app/immutable/chunks/CWQRQXxy.js +0 -1
  1026. package/dist/web/_app/immutable/chunks/CXH6iFbA.js +0 -1
  1027. package/dist/web/_app/immutable/chunks/CX_61fY8.js +0 -5
  1028. package/dist/web/_app/immutable/chunks/CYrVHOHA.js +0 -1
  1029. package/dist/web/_app/immutable/chunks/CdeYcEuU.js +0 -1
  1030. package/dist/web/_app/immutable/chunks/CmCtpZ1Y.js +0 -1
  1031. package/dist/web/_app/immutable/chunks/CqkleIqs.js +0 -1
  1032. package/dist/web/_app/immutable/chunks/CrdV0ttd.js +0 -1
  1033. package/dist/web/_app/immutable/chunks/CscoF-YL.js +0 -18
  1034. package/dist/web/_app/immutable/chunks/Cx4YdFMk.js +0 -1
  1035. package/dist/web/_app/immutable/chunks/D7ZqAKi9.js +0 -3
  1036. package/dist/web/_app/immutable/chunks/DGbA7IXh.js +0 -2
  1037. package/dist/web/_app/immutable/chunks/DbbB6Up5.js +0 -1
  1038. package/dist/web/_app/immutable/chunks/DnL9f0lc.js +0 -7
  1039. package/dist/web/_app/immutable/chunks/DtM5cEDu.js +0 -1
  1040. package/dist/web/_app/immutable/chunks/Eqahi7_S.js +0 -2
  1041. package/dist/web/_app/immutable/chunks/FFlLQIiS.js +0 -1
  1042. package/dist/web/_app/immutable/chunks/O9Eb9k00.js +0 -1
  1043. package/dist/web/_app/immutable/chunks/PPVm8Dsz.js +0 -1
  1044. package/dist/web/_app/immutable/chunks/QF8MAmnc.js +0 -1
  1045. package/dist/web/_app/immutable/chunks/UjzxCpxn.js +0 -1
  1046. package/dist/web/_app/immutable/chunks/WSUKABI_.js +0 -1
  1047. package/dist/web/_app/immutable/chunks/Y90OgS-9.js +0 -1
  1048. package/dist/web/_app/immutable/chunks/cLyZlkXv.js +0 -1
  1049. package/dist/web/_app/immutable/chunks/iDtAARVW.js +0 -2
  1050. package/dist/web/_app/immutable/chunks/oC_W7W7p.js +0 -1
  1051. package/dist/web/_app/immutable/chunks/rJdWIgh-.js +0 -1
  1052. package/dist/web/_app/immutable/chunks/tvOsokaa.js +0 -1
  1053. package/dist/web/_app/immutable/chunks/uLEXaPwE.js +0 -1
  1054. package/dist/web/_app/immutable/chunks/vSaooFHB.js +0 -1
  1055. package/dist/web/_app/immutable/entry/app.DAR-mtfg.js +0 -2
  1056. package/dist/web/_app/immutable/entry/start.xDnyRaR1.js +0 -1
  1057. package/dist/web/_app/immutable/nodes/0.D0aV-Zro.js +0 -2
  1058. package/dist/web/_app/immutable/nodes/1.C7QoM8qD.js +0 -1
  1059. package/dist/web/_app/immutable/nodes/10.DrDOAjOD.js +0 -1
  1060. package/dist/web/_app/immutable/nodes/2.B0OgNuKW.js +0 -168
  1061. package/dist/web/_app/immutable/nodes/3.BZ4qHGZi.js +0 -1
  1062. package/dist/web/_app/immutable/nodes/4.hm-mxuuj.js +0 -12
  1063. package/dist/web/_app/immutable/nodes/5.Bdbt4fjx.js +0 -4
  1064. package/dist/web/_app/immutable/nodes/6.BXrCI40c.js +0 -2
  1065. package/dist/web/_app/immutable/nodes/7.Chd4i9bm.js +0 -2
  1066. package/dist/web/_app/immutable/nodes/8.B8SF-aNs.js +0 -1
  1067. package/dist/web/_app/immutable/nodes/9.YDeu-RnO.js +0 -1
@@ -3,6 +3,12 @@
3
3
  *
4
4
  * Login, logout, session verification, and auth status endpoints.
5
5
  */
6
+ import { createHmac, timingSafeEqual } from 'node:crypto';
7
+ import { isWorkspaceOwner } from '../../services/auth-service.js';
8
+ import { Workspace } from '../../core/workspace.js';
9
+ import { ensurePersonalFolder, archivePersonalFolder } from '../../services/personal-folder.js';
10
+ import { authUserToGitUser, ensurePersonForUser, findPersonRefForUser } from '../../services/user-person-bridge.js';
11
+ import * as access from '../../services/access-control.js';
6
12
  // ── Login rate limiting ──
7
13
  const MAX_ATTEMPTS = 5;
8
14
  const LOCKOUT_MS = 15 * 60 * 1000; // 15 minutes
@@ -35,36 +41,251 @@ export function recordFailedAttempt(email) {
35
41
  export function clearAttempts(email) {
36
42
  loginAttempts.delete(email.toLowerCase());
37
43
  }
38
- function requireAdmin(req, authService) {
44
+ function requireOwner(req, authService) {
39
45
  const token = req.cookies?.['__sg_token'];
40
46
  if (!token)
41
47
  return null;
42
48
  const user = authService.verifyToken(token);
43
- if (!user || user.role !== 'admin')
49
+ if (!user || !isWorkspaceOwner(user.role))
44
50
  return null;
45
51
  return user;
46
52
  }
47
- export async function registerAuthApiRoutes(fastify, authService, workspaceName) {
53
+ /**
54
+ * Resolve the caller to an AuthUser. The global auth hook skips /api/auth/*
55
+ * so endpoints that need identity (like the token CRUD routes below) must
56
+ * look up credentials themselves.
57
+ *
58
+ * Accepted forms:
59
+ * - Cookie `__sg_token=<jwt>` (web UI)
60
+ * - `Authorization: Bearer <jwt>` (CLI with stored JWT)
61
+ * - `Authorization: Bearer <sg_…>` (CLI with API token)
62
+ *
63
+ * Mirrors the precedence the main API middleware uses elsewhere
64
+ * (src/server/index.ts) — needed so CLI commands like
65
+ * `studiograph admin transfer-ownership` can call /api/auth/* endpoints
66
+ * using the same Bearer sg_ token they use everywhere else.
67
+ */
68
+ function requireUser(req, authService) {
69
+ const cookieToken = req.cookies?.['__sg_token'];
70
+ if (cookieToken) {
71
+ const user = authService.verifyToken(cookieToken);
72
+ if (user)
73
+ return user;
74
+ }
75
+ const authHeader = req.headers?.authorization;
76
+ if (authHeader?.startsWith('Bearer ')) {
77
+ const bearer = authHeader.slice('Bearer '.length).trim();
78
+ if (bearer.startsWith('sg_')) {
79
+ return authService.verifyApiToken(bearer);
80
+ }
81
+ // Treat anything else as a JWT — verifyToken returns null on invalid input.
82
+ return authService.verifyToken(bearer);
83
+ }
84
+ return null;
85
+ }
86
+ function managedCloudAuthConfig() {
87
+ return {
88
+ enabled: parseBoolean(process.env.STUDIOGRAPH_MANAGED_AUTH),
89
+ cloudUrl: process.env.STUDIOGRAPH_CLOUD_URL?.trim() ?? '',
90
+ orgId: process.env.STUDIOGRAPH_CLOUD_ORG_ID?.trim() ?? '',
91
+ workspaceId: process.env.STUDIOGRAPH_CLOUD_WORKSPACE_ID?.trim() ?? '',
92
+ token: process.env.STUDIOGRAPH_CLOUD_TOKEN?.trim() ?? '',
93
+ };
94
+ }
95
+ function managedCloudLoginUrl(config) {
96
+ if (!config.cloudUrl || !config.orgId || !config.workspaceId)
97
+ return null;
98
+ const url = new URL('/auth/workspace', config.cloudUrl);
99
+ url.searchParams.set('orgId', config.orgId);
100
+ url.searchParams.set('workspaceId', config.workspaceId);
101
+ return url.toString();
102
+ }
103
+ function managedCloudLogoutUrl(config, returnTo) {
104
+ if (!config.cloudUrl)
105
+ return null;
106
+ const url = new URL('/auth/logout', config.cloudUrl);
107
+ if (returnTo)
108
+ url.searchParams.set('returnTo', returnTo);
109
+ return url.toString();
110
+ }
111
+ function requestOrigin(req) {
112
+ const rawHost = req.headers?.['x-forwarded-host'] ?? req.headers?.host;
113
+ const host = Array.isArray(rawHost) ? rawHost[0] : rawHost;
114
+ if (!host)
115
+ return null;
116
+ const rawProto = req.headers?.['x-forwarded-proto'];
117
+ const forwardedProto = Array.isArray(rawProto) ? rawProto[0] : rawProto;
118
+ const proto = typeof forwardedProto === 'string' && forwardedProto.trim()
119
+ ? forwardedProto.split(',')[0].trim()
120
+ : 'http';
121
+ return `${proto}://${host}`;
122
+ }
123
+ function managedLogoutReturnTo(req) {
124
+ const origin = requestOrigin(req);
125
+ if (!origin)
126
+ return null;
127
+ const url = new URL('/login', origin);
128
+ url.searchParams.set('managedLogout', '1');
129
+ return url.toString();
130
+ }
131
+ function verifyCloudLoginToken(token, secret) {
132
+ const [payloadPart, signaturePart] = token.split('.');
133
+ if (!payloadPart || !signaturePart || token.split('.').length !== 2) {
134
+ throw new Error('Malformed login token');
135
+ }
136
+ const expected = hmacBase64Url(payloadPart, secret);
137
+ if (!constantTimeEqual(signaturePart, expected)) {
138
+ throw new Error('Invalid login token signature');
139
+ }
140
+ const claims = JSON.parse(Buffer.from(payloadPart, 'base64url').toString('utf8'));
141
+ if (claims.iss !== 'studiograph-cloud' || claims.aud !== 'studiograph-runtime') {
142
+ throw new Error('Invalid login token audience');
143
+ }
144
+ if (!claims.orgId || !claims.workspaceId || !claims.userId || !claims.email || !claims.displayName || !claims.role) {
145
+ throw new Error('Incomplete login token');
146
+ }
147
+ if (!['owner', 'admin', 'member'].includes(claims.role)) {
148
+ throw new Error('Invalid login token role');
149
+ }
150
+ const now = Math.floor(Date.now() / 1000);
151
+ if (typeof claims.exp !== 'number' || claims.exp < now) {
152
+ throw new Error('Login token has expired');
153
+ }
154
+ if (typeof claims.iat !== 'number' || claims.iat > now + 60) {
155
+ throw new Error('Login token was issued in the future');
156
+ }
157
+ return claims;
158
+ }
159
+ function runtimeRoleForCloudRole(cloudRole, existing, authService) {
160
+ if (existing?.role === 'owner')
161
+ return 'owner';
162
+ if (cloudRole === 'owner')
163
+ return 'owner';
164
+ if (!authService.getOwner() && cloudRole === 'admin')
165
+ return 'owner';
166
+ return 'member';
167
+ }
168
+ function grantManagedWorkspaceAccess(authService, workspaceManager, user, cloudRole) {
169
+ const folderRole = cloudRole === 'owner' || cloudRole === 'admin' ? 'admin' : 'editor';
170
+ for (const repo of workspaceManager.getAllRepoConfigs()) {
171
+ if (repo.personal)
172
+ continue;
173
+ const currentRole = authService.getFolderRole(user.id, repo.name);
174
+ if (currentRole === 'admin')
175
+ continue;
176
+ if (currentRole !== folderRole)
177
+ authService.grantFolderAccess(user.id, repo.name, folderRole);
178
+ }
179
+ }
180
+ function hmacBase64Url(value, secret) {
181
+ return createHmac('sha256', secret).update(value).digest('base64url');
182
+ }
183
+ function constantTimeEqual(a, b) {
184
+ const left = Buffer.from(a);
185
+ const right = Buffer.from(b);
186
+ return left.length === right.length && timingSafeEqual(left, right);
187
+ }
188
+ function parseBoolean(value) {
189
+ if (!value)
190
+ return false;
191
+ return ['1', 'true', 'yes', 'on'].includes(value.trim().toLowerCase());
192
+ }
193
+ export async function registerAuthApiRoutes(fastify, authService, workspacePath, workspaceManager, workspaceName) {
194
+ fastify.get('/api/cloud/auth/callback', async (req, reply) => {
195
+ const config = managedCloudAuthConfig();
196
+ if (!config.enabled)
197
+ return reply.status(404).send({ error: 'Managed cloud auth is not enabled' });
198
+ if (!config.token || !config.workspaceId) {
199
+ return reply.status(503).send({ error: 'Managed cloud auth is not configured' });
200
+ }
201
+ const { token } = req.query;
202
+ if (!token)
203
+ return reply.status(400).send({ error: 'Missing login token' });
204
+ try {
205
+ const claims = verifyCloudLoginToken(token, config.token);
206
+ if (claims.workspaceId !== config.workspaceId) {
207
+ return reply.status(403).send({ error: 'Login token was issued for a different workspace' });
208
+ }
209
+ if (config.orgId && claims.orgId !== config.orgId) {
210
+ return reply.status(403).send({ error: 'Login token was issued for a different organization' });
211
+ }
212
+ const existing = authService.findUserByEmail(claims.email);
213
+ const runtimeRole = runtimeRoleForCloudRole(claims.role, existing, authService);
214
+ const user = authService.upsertCloudManagedUser({
215
+ email: claims.email,
216
+ displayName: claims.displayName,
217
+ role: runtimeRole,
218
+ });
219
+ await ensurePersonalFolder(new Workspace(workspacePath), authService, user);
220
+ grantManagedWorkspaceAccess(authService, workspaceManager, user, claims.role);
221
+ workspaceManager.reloadConfig();
222
+ try {
223
+ const r = await ensurePersonForUser(workspaceManager, authService, user, authUserToGitUser(user));
224
+ if (r.action === 'skipped') {
225
+ console.warn(`[auth] cloud-managed user person bridge skipped: ${r.reason}`);
226
+ }
227
+ }
228
+ catch (err) {
229
+ console.warn('[auth] ensurePersonForUser failed during cloud login:', err?.message ?? err);
230
+ }
231
+ const secure = req.headers['x-forwarded-proto'] === 'https';
232
+ reply.setCookie('__sg_token', authService.createSessionToken(user), {
233
+ path: '/',
234
+ httpOnly: true,
235
+ sameSite: 'strict',
236
+ secure,
237
+ maxAge: 7 * 24 * 60 * 60,
238
+ });
239
+ return reply.redirect('/');
240
+ }
241
+ catch (err) {
242
+ return reply.status(401).send({ error: err?.message || 'Invalid login token' });
243
+ }
244
+ });
48
245
  // ── Admin user management ──
49
- // GET /api/auth/users — list all users (admin only)
246
+ // GET /api/auth/users — list all users. Any authenticated caller: folder
247
+ // admins need this to populate the share-dialog "Add members" candidates,
248
+ // and the comment @-mention surface needs the same shape.
249
+ // Mutating endpoints below (POST/DELETE/PATCH) stay owner-only.
50
250
  fastify.get('/api/auth/users', async (req, reply) => {
51
- const admin = requireAdmin(req, authService);
52
- if (!admin)
53
- return reply.status(403).send({ error: 'Admin access required' });
251
+ const user = requireUser(req, authService);
252
+ if (!user)
253
+ return reply.status(401).send({ error: 'Authentication required' });
54
254
  return reply.send({ users: authService.listUsers() });
55
255
  });
56
256
  // POST /api/auth/users — create a new user (admin only)
57
257
  fastify.post('/api/auth/users', async (req, reply) => {
58
- const admin = requireAdmin(req, authService);
258
+ const admin = requireOwner(req, authService);
59
259
  if (!admin)
60
- return reply.status(403).send({ error: 'Admin access required' });
260
+ return reply.status(403).send({ error: 'Workspace owner access required' });
61
261
  const { email, password, displayName, role } = req.body;
62
262
  if (!email || !password) {
63
263
  return reply.status(400).send({ error: 'Email and password are required' });
64
264
  }
265
+ if (role && role !== 'owner' && role !== 'member') {
266
+ return reply.status(400).send({ error: `Invalid role "${role}" — must be "owner" or "member"` });
267
+ }
65
268
  try {
66
269
  const user = authService.createUser(email, password, displayName || email.split('@')[0], role || 'member');
67
- return reply.send({ user });
270
+ await ensurePersonalFolder(new Workspace(workspacePath), authService, user);
271
+ workspaceManager.reloadConfig();
272
+ // Bridge the new auth account to a person entity (email-match an
273
+ // existing record or auto-provision one in the team repo). Non-fatal:
274
+ // a missing team repo should never block registration, but the
275
+ // caller still needs to know the bridge didn't take so the UI can
276
+ // surface a "your account is created but workspace-wide mentions /
277
+ // assignment won't reach you yet" hint.
278
+ let bridgeWarning;
279
+ try {
280
+ const r = await ensurePersonForUser(workspaceManager, authService, user, authUserToGitUser(user));
281
+ if (r.action === 'skipped')
282
+ bridgeWarning = `Person record not auto-provisioned (${r.reason}). Workspace owner needs to configure team_repo before mentions and "My Tasks" will resolve to this account.`;
283
+ }
284
+ catch (err) {
285
+ console.warn('[auth] ensurePersonForUser failed:', err?.message ?? err);
286
+ bridgeWarning = `Person record provisioning failed: ${err?.message ?? err}. Workspace owner can retry via the agent's link_person_to_user tool.`;
287
+ }
288
+ return reply.send({ user, ...(bridgeWarning ? { bridgeWarning } : {}) });
68
289
  }
69
290
  catch (err) {
70
291
  return reply.status(400).send({ error: err.message });
@@ -72,9 +293,9 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
72
293
  });
73
294
  // DELETE /api/auth/users/:id — delete a user (admin only, cannot delete self or last admin)
74
295
  fastify.delete('/api/auth/users/:id', async (req, reply) => {
75
- const admin = requireAdmin(req, authService);
296
+ const admin = requireOwner(req, authService);
76
297
  if (!admin)
77
- return reply.status(403).send({ error: 'Admin access required' });
298
+ return reply.status(403).send({ error: 'Workspace owner access required' });
78
299
  const userId = parseInt(req.params.id, 10);
79
300
  if (isNaN(userId))
80
301
  return reply.status(400).send({ error: 'Invalid user ID' });
@@ -84,17 +305,111 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
84
305
  const target = users.find(u => u.id === userId);
85
306
  if (!target)
86
307
  return reply.status(404).send({ error: 'User not found' });
87
- if (target.role === 'admin' && users.filter(u => u.role === 'admin').length <= 1) {
88
- return reply.status(400).send({ error: 'Cannot delete the last admin' });
308
+ if (target.role === 'owner' && users.filter(u => u.role === 'owner').length <= 1) {
309
+ return reply.status(400).send({ error: 'Cannot delete the last workspace owner. Transfer ownership first.' });
310
+ }
311
+ // Transfer folders the target solely administers to the actor
312
+ // (the workspace owner performing this deletion) BEFORE the cascade
313
+ // delete — otherwise folder_access rows for those folders disappear
314
+ // and the folder is left with no admins.
315
+ //
316
+ // Personal folders (the target's "My Folder") are a sub-case: they
317
+ // transfer the same way, then get demoted to normal archive folders
318
+ // so the one-personal-folder-per-user invariant holds and the actor
319
+ // ends up with a plainly-named folder they own outright.
320
+ const workspace = new Workspace(workspacePath);
321
+ const preConfig = await workspace.loadConfig();
322
+ const targetPersonalFolders = preConfig.repos.filter(r => r.personal === true && r.owner_id === target.id);
323
+ const personalEntryCounts = new Map();
324
+ for (const p of targetPersonalFolders) {
325
+ try {
326
+ personalEntryCounts.set(p.name, workspaceManager.getGraph(p.name).listEntityIds().length);
327
+ }
328
+ catch {
329
+ personalEntryCounts.set(p.name, 0);
330
+ }
331
+ }
332
+ const transferred = authService.transferFoldersOnDelete(target.id, admin.id);
333
+ // Capture the old name upfront: archivePersonalFolder mutates the
334
+ // RepoConfig in place (name/path change), so reading `p.name` after
335
+ // the await would return the new archive name.
336
+ const archived = [];
337
+ for (const p of targetPersonalFolders) {
338
+ const oldName = p.name;
339
+ if (!transferred.includes(oldName))
340
+ continue;
341
+ const { newName, newDisplayName } = await archivePersonalFolder(workspace, oldName, target.displayName, authService);
342
+ archived.push({
343
+ oldName,
344
+ newName,
345
+ newDisplayName,
346
+ entryCount: personalEntryCounts.get(oldName) ?? 0,
347
+ });
89
348
  }
90
349
  authService.deleteUser(target.email);
91
- return reply.send({ ok: true });
350
+ if (archived.length > 0)
351
+ workspaceManager.reloadConfig();
352
+ return reply.send({ ok: true, transferred, archived });
353
+ });
354
+ // GET /api/auth/users/:id/deletion-preview — show the actor what
355
+ // will transfer if they delete this user. Owner-gated. Returns entry
356
+ // counts and archive names so the confirmation UI can set expectations
357
+ // WITHOUT exposing the contents of the target's private folder. The
358
+ // preview is advisory; the DELETE endpoint is the source of truth.
359
+ fastify.get('/api/auth/users/:id/deletion-preview', async (req, reply) => {
360
+ const admin = requireOwner(req, authService);
361
+ if (!admin)
362
+ return reply.status(403).send({ error: 'Workspace owner access required' });
363
+ const userId = parseInt(req.params.id, 10);
364
+ if (isNaN(userId))
365
+ return reply.status(400).send({ error: 'Invalid user ID' });
366
+ if (admin.id === userId)
367
+ return reply.status(400).send({ error: 'Cannot preview deleting yourself' });
368
+ const target = authService.listUsers().find(u => u.id === userId);
369
+ if (!target)
370
+ return reply.status(404).send({ error: 'User not found' });
371
+ const workspace = new Workspace(workspacePath);
372
+ const config = await workspace.loadConfig();
373
+ // Mirror transferFoldersOnDelete's sole-admin rule so the preview
374
+ // matches the real delete. Personal folders are 1-member by nature,
375
+ // so they always qualify.
376
+ const targetAdminFolders = authService.getUserFolders(target.id)
377
+ .filter(f => authService.getFolderRole(target.id, f) === 'admin');
378
+ const soleAdminFolders = targetAdminFolders.filter(f => authService.getFolderAdmins(f).length === 1);
379
+ const date = new Date().toISOString().slice(0, 10);
380
+ const personalFolders = config.repos.filter(r => r.personal === true && r.owner_id === target.id && soleAdminFolders.includes(r.name));
381
+ const sharedSoleAdmin = soleAdminFolders.filter(f => !personalFolders.some(p => p.name === f));
382
+ const personal = personalFolders.map(p => {
383
+ let entryCount = 0;
384
+ try {
385
+ entryCount = workspaceManager.getGraph(p.name).listEntityIds().length;
386
+ }
387
+ catch { /* skip */ }
388
+ return {
389
+ entryCount,
390
+ newDisplayName: `Archive: ${target.displayName} (${date})`,
391
+ };
392
+ });
393
+ const shared = sharedSoleAdmin.map(f => {
394
+ const repo = config.repos.find(r => r.name === f);
395
+ let entryCount = 0;
396
+ try {
397
+ entryCount = workspaceManager.getGraph(f).listEntityIds().length;
398
+ }
399
+ catch { /* skip */ }
400
+ return {
401
+ name: f,
402
+ displayName: repo?.display_name ?? f,
403
+ entryCount,
404
+ };
405
+ });
406
+ return reply.send({ personal, shared });
92
407
  });
93
408
  // PATCH /api/auth/users/:id/password — reset a user's password (admin only)
94
409
  fastify.patch('/api/auth/users/:id/password', async (req, reply) => {
95
- const admin = requireAdmin(req, authService);
410
+ const admin = requireOwner(req, authService);
96
411
  if (!admin)
97
- return reply.status(403).send({ error: 'Admin access required' });
412
+ return reply.status(403).send({ error: 'Workspace owner access required' });
98
413
  const userId = parseInt(req.params.id, 10);
99
414
  if (isNaN(userId))
100
415
  return reply.status(400).send({ error: 'Invalid user ID' });
@@ -113,23 +428,116 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
113
428
  return reply.status(400).send({ error: err.message });
114
429
  }
115
430
  });
116
- // POST /api/auth/api-key/regenerateregenerate workspace API key (admin only)
117
- fastify.post('/api/auth/api-key/regenerate', async (req, reply) => {
118
- const admin = requireAdmin(req, authService);
431
+ // PATCH /api/auth/users/:idupdate a member's profile (owner only).
432
+ // Currently accepts `email` and `displayName`; mirrors the existing
433
+ // password-reset pattern (owner-gated, no user notification).
434
+ fastify.patch('/api/auth/users/:id', async (req, reply) => {
435
+ const admin = requireOwner(req, authService);
119
436
  if (!admin)
120
- return reply.status(403).send({ error: 'Admin access required' });
121
- const newKey = authService.regenerateApiKey();
122
- return reply.send({ apiKey: newKey });
437
+ return reply.status(403).send({ error: 'Workspace owner access required' });
438
+ const userId = parseInt(req.params.id, 10);
439
+ if (isNaN(userId))
440
+ return reply.status(400).send({ error: 'Invalid user ID' });
441
+ const { email, displayName } = req.body;
442
+ if (email === undefined && displayName === undefined) {
443
+ return reply.status(400).send({ error: 'Nothing to update' });
444
+ }
445
+ if (email !== undefined) {
446
+ const normalized = email.toLowerCase().trim();
447
+ if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(normalized)) {
448
+ return reply.status(400).send({ error: 'Invalid email address' });
449
+ }
450
+ }
451
+ const target = authService.findUserById(userId);
452
+ if (!target)
453
+ return reply.status(404).send({ error: 'User not found' });
454
+ try {
455
+ const updated = authService.updateProfile(userId, { email, displayName });
456
+ return reply.send({ user: updated });
457
+ }
458
+ catch (err) {
459
+ // SQLite raises a UNIQUE constraint error on duplicate email.
460
+ if (String(err?.message ?? '').includes('UNIQUE')) {
461
+ return reply.status(409).send({ error: 'That email is already in use' });
462
+ }
463
+ return reply.status(400).send({ error: err.message });
464
+ }
465
+ });
466
+ // ── Per-user API tokens (used by MCP clients, CLI, and git HTTP) ──
467
+ // POST /api/auth/tokens — mint a new token for the authenticated user.
468
+ // Body: { name: string }. Returns the raw token once; only its hash is stored.
469
+ fastify.post('/api/auth/tokens', async (req, reply) => {
470
+ const user = requireUser(req, authService);
471
+ if (!user)
472
+ return reply.status(401).send({ error: 'Unauthorized' });
473
+ const { name } = (req.body ?? {});
474
+ if (!name || !name.trim()) {
475
+ return reply.status(400).send({ error: 'name is required' });
476
+ }
477
+ try {
478
+ const minted = authService.createApiToken(user.id, name);
479
+ return reply.status(201).send(minted);
480
+ }
481
+ catch (err) {
482
+ return reply.status(400).send({ error: err.message });
483
+ }
484
+ });
485
+ // GET /api/auth/tokens — list the authenticated user's tokens (metadata only).
486
+ fastify.get('/api/auth/tokens', async (req, reply) => {
487
+ const user = requireUser(req, authService);
488
+ if (!user)
489
+ return reply.status(401).send({ error: 'Unauthorized' });
490
+ return reply.send({ tokens: authService.listApiTokens(user.id) });
491
+ });
492
+ // DELETE /api/auth/tokens/:id — revoke one of the user's own tokens.
493
+ fastify.delete('/api/auth/tokens/:id', async (req, reply) => {
494
+ const user = requireUser(req, authService);
495
+ if (!user)
496
+ return reply.status(401).send({ error: 'Unauthorized' });
497
+ const tokenId = parseInt(req.params.id, 10);
498
+ if (isNaN(tokenId))
499
+ return reply.status(400).send({ error: 'Invalid token id' });
500
+ const ok = authService.revokeApiToken(tokenId, user.id);
501
+ if (!ok)
502
+ return reply.status(404).send({ error: 'Token not found' });
503
+ return reply.send({ ok: true });
123
504
  });
124
505
  // GET /api/auth/seed — export auth seed data (admin only, for remote pull)
506
+ // Phase 3: sanitized via the same registry-driven helper as
507
+ // /api/config/bundle. jwtSecret + deprecated apiKey are dropped before
508
+ // the response leaves the trust boundary.
125
509
  fastify.get('/api/auth/seed', async (req, reply) => {
126
- const admin = requireAdmin(req, authService);
510
+ const admin = requireOwner(req, authService);
127
511
  if (!admin)
128
- return reply.status(403).send({ error: 'Admin access required' });
129
- return reply.send(authService.getSeedData());
512
+ return reply.status(403).send({ error: 'Workspace owner access required' });
513
+ const { sanitizeAuthSeed } = await import('../../core/secrets/bundle.js');
514
+ return reply.send(sanitizeAuthSeed(authService.getSeedData()));
515
+ });
516
+ // POST /api/auth/transfer-ownership — transfer ownership to another user (owner only).
517
+ // Accepts cookie OR Bearer sg_ token via requireUser (the CLI calls this
518
+ // through `studiograph admin transfer-ownership`).
519
+ fastify.post('/api/auth/transfer-ownership', async (req, reply) => {
520
+ const user = requireUser(req, authService);
521
+ if (!user)
522
+ return reply.status(401).send({ error: 'Unauthorized' });
523
+ if (user.role !== 'owner')
524
+ return reply.status(403).send({ error: 'Only the workspace owner can transfer ownership' });
525
+ const { targetUserId } = req.body;
526
+ if (!targetUserId)
527
+ return reply.status(400).send({ error: 'targetUserId is required' });
528
+ try {
529
+ authService.transferOwnership(user.id, targetUserId);
530
+ return reply.send({ ok: true });
531
+ }
532
+ catch (err) {
533
+ return reply.status(400).send({ error: err.message });
534
+ }
130
535
  });
131
536
  // POST /api/auth/login — authenticate and set session cookie
132
537
  fastify.post('/api/auth/login', async (req, reply) => {
538
+ if (managedCloudAuthConfig().enabled) {
539
+ return reply.status(403).send({ error: 'Use Studiograph Cloud to sign in to this managed workspace' });
540
+ }
133
541
  const { email, password } = req.body;
134
542
  if (!email || !password) {
135
543
  return reply.status(400).send({ error: 'Email and password are required' });
@@ -155,8 +563,8 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
155
563
  maxAge: 7 * 24 * 60 * 60, // 7 days
156
564
  });
157
565
  // Include the token in the response body when requested via
158
- // X-Return-Token header (used by Chrome extension and other
159
- // API clients that can't use cookies across origins).
566
+ // X-Return-Token header for API clients that can't use cookies
567
+ // across origins.
160
568
  const returnToken = req.headers['x-return-token'] === '1';
161
569
  return reply.send({
162
570
  user: result.user,
@@ -164,37 +572,83 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
164
572
  });
165
573
  });
166
574
  // POST /api/auth/logout — clear session cookie
167
- fastify.post('/api/auth/logout', async (_req, reply) => {
575
+ fastify.post('/api/auth/logout', async (req, reply) => {
576
+ const cloudAuth = managedCloudAuthConfig();
168
577
  reply.setCookie('__sg_token', '', {
169
578
  path: '/',
170
579
  httpOnly: true,
171
580
  sameSite: 'strict',
172
581
  maxAge: 0,
173
582
  });
174
- return reply.send({ ok: true });
583
+ return reply.send({
584
+ ok: true,
585
+ logoutUrl: cloudAuth.enabled
586
+ ? managedCloudLogoutUrl(cloudAuth, managedLogoutReturnTo(req))
587
+ : undefined,
588
+ });
175
589
  });
176
- // GET /api/auth/me — verify current session
590
+ // GET /api/auth/me — verify current session. Also resolves the user's
591
+ // linked person entity (the auth↔person bridge) so the client gets both
592
+ // identifiers in one round-trip. `personRef` is null when the user has
593
+ // no linked entity (legacy, unprovisioned, or explicitly unlinked) OR
594
+ // when the linked entity lives in a repo the user no longer has read
595
+ // access to (would leak repo existence otherwise — see access-control).
177
596
  fastify.get('/api/auth/me', async (req, reply) => {
178
- const token = req.cookies?.['__sg_token'];
179
- if (!token) {
597
+ // Resolve from the cookie JWT OR Authorization: Bearer (JWT / sg_ API
598
+ // token) via the shared requireUser helper. The global auth hook skips
599
+ // /api/auth/*, so without this the boot session check only honored the
600
+ // web cookie and rejected API-token callers (CLI, automation, the
601
+ // headless browser) even though they authenticate everywhere else.
602
+ const user = requireUser(req, authService);
603
+ if (!user) {
180
604
  return reply.status(401).send({ error: 'Not authenticated' });
181
605
  }
606
+ const rawRef = findPersonRefForUser(workspaceManager, user.handle);
607
+ const personRef = rawRef && access.hasRepoAccess(user, rawRef.repo, workspaceManager, authService)
608
+ ? rawRef
609
+ : null;
610
+ return reply.send({ user, personRef });
611
+ });
612
+ // PATCH /api/auth/me — update current user's profile
613
+ fastify.patch('/api/auth/me', async (req, reply) => {
614
+ const token = req.cookies?.['__sg_token'];
615
+ if (!token)
616
+ return reply.status(401).send({ error: 'Not authenticated' });
182
617
  const user = authService.verifyToken(token);
183
- if (!user) {
618
+ if (!user)
184
619
  return reply.status(401).send({ error: 'Not authenticated' });
620
+ const { displayName, email, newPassword } = req.body;
621
+ if (newPassword) {
622
+ authService.updatePassword(user.email, newPassword);
185
623
  }
186
- return reply.send({ user });
624
+ const updated = authService.updateProfile(user.id, {
625
+ displayName: displayName !== undefined ? displayName : undefined,
626
+ email: email !== undefined ? email : undefined,
627
+ });
628
+ return reply.send({ user: updated });
629
+ });
630
+ // GET /api/auth/colors — accent colors for all users (for avatar rendering)
631
+ fastify.get('/api/auth/colors', async (_req, reply) => {
632
+ return reply.send({ colors: authService.getAllAccentColors() });
187
633
  });
188
634
  // GET /api/auth/status — public endpoint for login page
189
- fastify.get('/api/auth/status', async (_req, reply) => {
635
+ fastify.get('/api/auth/status', async (req, reply) => {
636
+ const cloudAuth = managedCloudAuthConfig();
190
637
  return reply.send({
191
638
  authEnabled: authService.hasUsers(),
192
639
  userCount: authService.getUserCount(),
193
640
  workspaceName: workspaceName || undefined,
641
+ managedAuth: cloudAuth.enabled,
642
+ cloudUrl: cloudAuth.cloudUrl || undefined,
643
+ managedAuthLoginUrl: managedCloudLoginUrl(cloudAuth) || undefined,
644
+ managedAuthLogoutUrl: managedCloudLogoutUrl(cloudAuth, managedLogoutReturnTo(req)) || undefined,
194
645
  });
195
646
  });
196
647
  // POST /api/auth/setup — create the first admin account (only works when no users exist)
197
648
  fastify.post('/api/auth/setup', async (req, reply) => {
649
+ if (managedCloudAuthConfig().enabled) {
650
+ return reply.status(403).send({ error: 'Managed workspaces are set up from Studiograph Cloud' });
651
+ }
198
652
  if (authService.hasUsers()) {
199
653
  return reply.status(403).send({ error: 'Setup already completed' });
200
654
  }
@@ -203,7 +657,34 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
203
657
  return reply.status(400).send({ error: 'Email and password are required' });
204
658
  }
205
659
  try {
206
- const user = authService.createUser(email, password, displayName || email.split('@')[0], 'admin');
660
+ const user = authService.createUser(email, password, displayName || email.split('@')[0], 'owner');
661
+ await ensurePersonalFolder(new Workspace(workspacePath), authService, user);
662
+ workspaceManager.reloadConfig();
663
+ // Grant the first owner folder-admin on every existing team folder.
664
+ // Without this, folders scaffolded by `studiograph init` before any
665
+ // user existed end up with zero folder_access rows, and
666
+ // `getAccessibleRepos()` filters them out of the sidebar — the first
667
+ // owner then sees an empty workspace despite the files being on disk.
668
+ // Personal folders are handled by ensurePersonalFolder above; skipping
669
+ // them here avoids granting the owner access to other users' personals.
670
+ for (const repo of workspaceManager.getAllRepoConfigs()) {
671
+ if (repo.personal)
672
+ continue;
673
+ authService.grantFolderAccess(user.id, repo.name, 'admin');
674
+ }
675
+ // First-owner bootstrap: auto-provision their person entity in the
676
+ // first non-private repo (the same one we just granted them admin on).
677
+ // Non-fatal — missing team repo logs a warning, doesn't block setup.
678
+ let setupBridgeWarning;
679
+ try {
680
+ const r = await ensurePersonForUser(workspaceManager, authService, user, authUserToGitUser(user));
681
+ if (r.action === 'skipped')
682
+ setupBridgeWarning = `Person record not auto-provisioned (${r.reason}). Configure team_repo in workspace settings to enable cross-repo "My Tasks" + mentions.`;
683
+ }
684
+ catch (err) {
685
+ console.warn('[auth] ensurePersonForUser failed during setup:', err?.message ?? err);
686
+ setupBridgeWarning = `Person record provisioning failed: ${err?.message ?? err}.`;
687
+ }
207
688
  const result = authService.authenticate(email, password);
208
689
  if (!result) {
209
690
  return reply.status(500).send({ error: 'Failed to authenticate after setup' });
@@ -216,7 +697,7 @@ export async function registerAuthApiRoutes(fastify, authService, workspaceName)
216
697
  secure,
217
698
  maxAge: 7 * 24 * 60 * 60,
218
699
  });
219
- return reply.send({ user });
700
+ return reply.send({ user, ...(setupBridgeWarning ? { bridgeWarning: setupBridgeWarning } : {}) });
220
701
  }
221
702
  catch (err) {
222
703
  return reply.status(400).send({ error: err.message });